vulnerability management

CISA added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 20, 2026, including five legacy Microsoft and Adobe flaws from 2008 through 2010 and two 2026 Microsoft Defender vulnerabilities, after determining that all seven have evidence of active exploitation. The...

Siemens and CISA disclosed on May 12 and May 14, 2026, respectively, that Ruggedcom ROX devices before version 2.17.1 contain CVE-2025-40948, an authenticated remote file-read vulnerability in the web server’s JSON-RPC interface affecting multiple MX5000, RX1400, RX1500, RX1510, RX1524, RX1536...

Microsoft’s May 2026 Patch Tuesday, released on May 12, delivered fixes for at least 118 documented vulnerabilities across Windows, Office, Azure, Dynamics, SQL Server, Edge, Teams, SharePoint, and related products, while major vendors including Apple, Google, Mozilla, and Oracle also pushed...

Microsoft has listed CVE-2026-40357 as a Microsoft SharePoint Server remote code execution vulnerability in its Security Update Guide, and the key signal in the advisory is not merely the RCE label but Microsoft’s confirmation metric describing confidence in the flaw’s existence and technical...

Microsoft disclosed CVE-2026-32175, a .NET Core tampering vulnerability, in its Security Update Guide on May 12, 2026, as part of the May Patch Tuesday cycle, identifying the issue as a confirmed flaw in Microsoft’s cross-platform application runtime rather than a speculative third-party report...

Microsoft has disclosed CVE-2026-41100 as a spoofing vulnerability in Microsoft 365 Copilot for Android, with the advisory appearing in the Microsoft Security Response Center update guide on May 12, 2026, and with public detail currently centered on the vulnerability’s existence rather than a...

Microsoft disclosed CVE-2026-40415, a Windows TCP/IP remote code execution vulnerability, in its Security Update Guide on May 12, 2026, framing the issue as a network-stack flaw whose risk depends not only on severity but on how confidently defenders can trust the available technical details...

CVE-2026-40377 is a Microsoft Cryptographic Services elevation-of-privilege vulnerability listed in Microsoft’s Security Update Guide on May 12, 2026, affecting Windows systems where the vulnerable cryptographic service component is present and requiring administrators to treat the vendor entry...

Microsoft published CVE-2026-35428 on May 7, 2026, describing a critical Azure Cloud Shell spoofing vulnerability caused by command-injection weakness, already mitigated by Microsoft, requiring no customer action, and assessed with confirmed report confidence but no public disclosure or...

Google Chrome on Windows prior to version 148.0.7778.96 is affected by CVE-2026-7973, a medium-severity Chromium vulnerability in Dawn that may allow a remote attacker to escape the browser sandbox through a crafted HTML page. The vulnerability arrived in public trackers on May 6, 2026, as part...

Google published CVE-2026-7990 on May 6, 2026 for a Windows-only Chrome Updater flaw fixed in Chrome 148.0.7778.96, and NVD’s initial configuration models it as Google Chrome before that version running on Microsoft Windows. That is probably not a missing CPE so much as an awkward but defensible...

CVE-2026-43101 is a newly published Linux kernel vulnerability, disclosed on May 6, 2026, in the IPv6 IOAM tracing path where __ioam6_fill_trace_data() could hit potential NULL dereferences before stable kernel fixes added safer checks and reads. It is not a blockbuster remote-code-execution...

CVE-2026-43195 is a newly published Linux kernel vulnerability, received by NVD from kernel.org on May 6, 2026, that fixes missing validation in AMDGPU user queue creation by requiring queue sizes to be powers of two and at least one AMDGPU GPU page. The bug is not a headline-grabbing remote...

CVE-2026-43153 is a newly published Linux kernel vulnerability, disclosed on May 6, 2026, in the XFS filesystem code, where a confusing helper function called xfs_attr_leaf_hasname() could hand callers an invalid buffer pointer after certain extended-attribute lookup failures. That is the dry...

A small Linux kernel bounds-check fix has become a useful case study in how modern vulnerability management treats even niche hardware paths as security-relevant. CVE-2026-31627 addresses an SMBus block-read length validation flaw in the Linux kernel’s Samsung s3c24xx I2C host driver, where the...

CVE-2026-31660 is a compact Linux kernel bug with an outsized lesson: small accounting errors in device drivers can still become security advisories when they cross memory-management boundaries. The flaw sits in the NFC PN533/PN532 receive path, where the kernel could consume bytes from a serial...

Microsoft’s Security Update Guide entry for CVE-2026-33819 is the kind of disclosure that immediately puts defenders on alert, even before the full technical story is public. The issue is labeled a Microsoft Bing Remote Code Execution Vulnerability, which by itself implies remote reachability...

CISA’s latest move is a reminder that the Known Exploited Vulnerabilities (KEV) Catalog remains one of the most operationally important signals in federal cybersecurity. On April 20, 2026, the agency added eight more CVEs tied to active exploitation, spanning print management, endpoint...

Microsoft’s guidance for CVE-2026-33825 makes one point especially clear: a vulnerability scanner can flag Microsoft Defender binaries on disk even when Defender is turned off, because the tools are looking for specific files and version numbers rather than whether the antimalware engine is...

Microsoft’s entry for CVE-2026-26155 is the kind of advisory that looks simple at first glance but carries outsized importance for defenders who rely on Windows identity infrastructure. The issue is labeled a Microsoft Local Security Authority Subsystem Service (LSASS) information disclosure...