
Microsoft 365 Copilot "SearchLeak" One-Click Data Exfiltration via Prompt Injection Now Patched (CVE-2026-42824)

Scope: Microsoft 365 Copilot Enterprise Search (All Tenants, Now Patched Server-Side)

LiteSpeed cPanel Plugin Symlink Escalation to Root Under Active Exploitation (CVE-2026-54420)

Scope: LiteSpeed cPanel Plugin Prior to Version 2.4.8 (Bundled in LiteSpeed WHM Plugin Prior to 5.3.

Cisco Catalyst SD-WAN Manager Arbitrary File Write to Root Escalation Under Active Exploitation (CVE-2026-20262)

Scope: Cisco Catalyst SD-WAN Manager (On-Premises, Cloud-Pro, Cisco Managed Cloud, and FedRAMP Deplo

Fortinet FortiCloud SSO Authentication Bypass Actively Exploited Against FortiGate Firewalls (CVE-2026-24858)

Scope: FortiOS, FortiManager, FortiAnalyzer, FortiWeb, FortiProxy, FortiSwitch Manager (FortiCloud S

Windows HTTP.sys Integer Overflow Enables Unauthenticated RCE, "Exploitation More Likely" (CVE-2026-47291)

Scope: Windows Server (All Supported Versions Running IIS, WinRM, or Other HTTP.sys-Dependent Servic

Windows Kernel Use-After-Free Remote Code Execution Patched in Record June 2026 Patch Tuesday (CVE-2026-45657)

Scope: Windows 11 (Versions 23H2 through 26H1) and Windows Server 2022, 2025 (Including Server Core)

Google Chrome V8 Zero-Day Under Active Exploitation (CVE-2026-11645)

Scope: Google Chrome Prior to 149.0.7827.103 (Windows/macOS) and 149.0.7827.102 (Linux), All Chromiu
