Cisco Identity Services Engine Authenticated Remote Code Execution and Root Privilege Escalation (CVE-2026-20181 / CVE-2026-20190)

cope: Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), All Versions Prior to Fixed Releases

Severity: Red

Read More

Contest Gallery WordPress Plugin Authenticated Privilege Escalation to Administrator (CVE-2026-12165)

Scope: Contest Gallery WordPress Plugin Versions 0 through 30.0.2

Severity: High

Read More

Dell AIOps Collector Hard-Coded Default Credentials Allow Unauthorized Filesystem Access (CVE-2026-32652)

Scope: Dell AIOps Collector Versions Prior to 1.18.3 (Fresh Installations Only)

Severity: High

Read More

Microsoft 365 Copilot "SearchLeak" One-Click Data Exfiltration via Prompt Injection Now Patched (CVE-2026-42824)

Scope: Microsoft 365 Copilot Enterprise Search (All Tenants, Now Patched Server-Side)

Severity: High

Read More

LiteSpeed cPanel Plugin Symlink Escalation to Root Under Active Exploitation (CVE-2026-54420)

Scope: LiteSpeed cPanel Plugin Prior to Version 2.4.8 (Bundled in LiteSpeed WHM Plugin Prior to 5.3.2.0) on CloudLinux/CageFS Shared Hosting

Severity: High

Read More

Cisco Catalyst SD-WAN Manager Arbitrary File Write to Root Escalation Under Active Exploitation (CVE-2026-20262)

Scope: Cisco Catalyst SD-WAN Manager (On-Premises, Cloud-Pro, Cisco Managed Cloud, and FedRAMP Deployments)

Severity: Red

Read More