CVE-2026
No mentions found
This entity hasn't been tracked yet, or Iris is still building its knowledge base.
Related Articles from SNS
Yet another Cisco SD-WAN 0-day under attack, and no patch in sight
Unknown miscreants are exploiting a high-severity, zero-day bug in Cisco’s SD-WAN management software, and the networking giant hasn’t said when it will patch the flaw. Cisco issued an advisory on Thursday for the Catalyst SD-WAN Manager vulnerability, tracked as CVE-2026-20245, and it sounds like attackers have been exploiting this security failure for at least the last week. It’s due to a validation error - the software fails to properly validate user-supplied input - and an authenticated,...
Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year
Google has fixed its fifth actively exploited Chrome zero-day of 2026, and this one earned its finder a $55,000 bounty. The flaw, tracked as CVE-2026-11645, is an out-of-bounds memory access bug in Chrome's V8 JavaScript engine. Google confirmed that the vulnerability is being exploited in the wild, but has disclosed little beyond the bare technical details.
Ransomware crims got a month-long head start on Check Point VPN 0-day that now has a fix
Check Point released an emergency fix on Monday for a critical authentication bypass vulnerability affecting its Remote Access VPN and Mobile Access deployments - but attackers, including ransomware criminals, got a month-long head start. Attacks against the bug, tracked as CVE-2026-50751, began on May 7, according to Check Point VP of research Lotem Finkelstein, and picked up in early June. The security software vendor spotted suspicious activity and began investigating the zero-day on June...
Gleam v1.17.0 Released
Gleam is a type safe and scalable language for the Erlang virtual machine and JavaScript runtimes. Today Gleam v1.17.0 has been published. But first: the first videos from the first ever all-Gleam conference have been released!
Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9
It's patch time for Ivanti customers again after the security shop disclosed another two critical vulnerabilities in one of its products. Both bugs affect Ivanti Sentry, a mobile gateway that forms part of its broader unified endpoint management platform. The first and worst of the two is CVE-2026-10520 (10.0), a max-severity vulnerability that allows a remote, unauthenticated attacker to execute code with root privileges.
High-severity vulnerability in Linux caused by a single errant character
Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by exploiting a bug you don't often see: a single errant character inside the kernel. The vulnerability, tracked as CVE-2026-23111, is located in nf_tables, a subsystem of the Linux kernel that provides packet filtering capabilities. It’s used to manage firewall rules and replaces older subsystems such as iptables, ip6tables, arptables, and ebtables. !!!
Palo Alto VPN bug graduates from advisory to active exploitation
Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access. The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific configurations. Palo Alto disclosed the bug on May 13 and initially assigned it a medium-severity rating, saying it was aware of attempts to exploit it but had not...
'24 hours to fix ...': US cybersecurity agency CISA to several other government agencies
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal government agencies to urgently secure systems affected by a critical security flaw that is being actively exploited by hackers. The vulnerability, tracked as CVE-2026-50751, affects certain Check Point Remote Access VPN and Mobile Access products and can allow attackers to gain unauthorized remote access to targeted systems. CISA has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog and...