OutageMON Monitoring
Alerts
Unified stream of vulnerabilities, outages, Microsoft updates, and strategic technology advisories.
VulnerabilityALERT Critical
CVE-2026-35273: Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of PeopleSoft Enterprise PeopleTools.
OutageSCAN Investigating
Incident with Webhooks
Jun 11, 22:19 UTC Resolved - This incident has been resolved. Thank you for your patience and understanding as we addressed this issue. A detailed root cause analysis will be shared as soon as it is available. Jun 11, 20:00 UTC Monitoring - The degradation aff...
VulnerabilityALERT Critical
CVE-2026-10520: Ivanti Sentry OS Command Injection Vulnerability
Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the...
OutageSCAN Investigating
Authentication issues related to API requests
Jun 10, 16:39 UTC Resolved - This incident has been resolved. Thank you for your patience and understanding as we addressed this issue. A detailed root cause analysis will be shared as soon as it is available. Jun 10, 16:37 UTC Monitoring - The degradation has...
Microsoft UpdateALERT Medium
Turn specs into evals for any agent with ASSERT
Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements into executable evaluations of AI models and agents. The post Turn specs into evals for any agent with...
Microsoft UpdateALERT Medium
Reconstructing AI activity in investigations
Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach. This playbook helps security teams reconstruct events, assess data exposure, and detect potential threats faster. The post Recons...
VulnerabilityALERT High
CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not...
VulnerabilityALERT High
CVE-2026-7473: Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly decapsulate and forwards other unexpected tunneled packet with a destination IP matching its configured decapsulation IP.
VulnerabilityALERT High
CVE-2026-20245: Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the af...
Microsoft UpdateALERT Medium
AI brands as bait: How threat actors are using the AI hype in social engineering
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. The post AI brands as bait: How threat actors are using the AI hype in social engineering appeared first...
OutageOK Resolved
Degraded availability for GitHub.com, GraphQL API, and Webhooks UI/API
Jun 8, 15:00 UTC Resolved - On June 8, 2026, between 14:49 and 14:54 UTC, a subset of requests to GitHub.com, the REST API, GraphQL API, and Webhooks UI/API experienced elevated error rates due to a transient infrastructure capacity issue that self-resolved wi...
OutageSCAN Investigating
Disruption with Claude Opus 4.7
Jun 8, 10:03 UTC Resolved - This incident has been resolved. Thank you for your patience and understanding as we addressed this issue. A detailed root cause analysis will be shared as soon as it is available. Jun 8, 09:49 UTC Update - We are experiencing degra...
OutageSCAN Investigating
Pull Requests and Issues unavailable for signed-out users
Jun 8, 08:36 UTC Resolved - This incident has been resolved. Thank you for your patience and understanding as we addressed this issue. A detailed root cause analysis will be shared as soon as it is available. Jun 8, 08:35 UTC Monitoring - The degradation affec...
VulnerabilityALERT Critical
CVE-2026-42271: BerriAI LiteLLM Command Injection Vulnerability
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host.
VulnerabilityALERT Critical
CVE-2026-50751: Check Point Security Gateway Improper Authentication Vulnerability
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
OutageSCAN Investigating
EU Network Maintenance
Jun 6, 18:49 UTC Resolved - This incident was used to notify for a maintenance event. There is no specific root cause analysis. Maintenance did run longer than expected (we were complete at 18:48 UTC) but the work proceeded as planned. Jun 6, 18:48 UTC Update...
OutageSCAN Investigating
Disruption with some GitHub services in the EU region
Jun 6, 17:07 UTC Resolved - On June 6, 2026 between 16:18 UTC and 17:01 UTC, users experienced elevated error rates when performing Git operations (cloning, fetching, downloading archives) and accessing package registries. The issue affected users whose traffi...
OutageSCAN Investigating
Auth issue resulting in API impacts, including some Slack and Teams channel subscriptions
Jun 5, 22:21 UTC Resolved - On June 5, 2026, between 15:35 UTC and 16:45 UTC, 0.11% of authenticated REST API requests incorrectly returned “not found” responses. Impact was concentrated among - and significantly higher for - users authenticating with user-to-...
Microsoft UpdateALERT Medium
Securing CI/CD in an agentic world: Claude Code Github action case
Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This research examines the attack chain, responsible disclosure process, Anthropic's mitigation...
VulnerabilityALERT Critical
CVE-2026-28318: SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability
SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.
OutageSCAN Investigating
Copilot Code Review Failing
Jun 4, 19:59 UTC Resolved - On June 4, 2026, from 17:30 UTC to 18:55 UTC, Copilot Code Review experienced elevated failures for review requests on GitHub.com. Affected users saw “Copilot ran into an error” on pull requests when requesting a code review. During...
Microsoft UpdateALERT Medium
Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us
A surge in real-world attacks against agentic AI systems is reshaping how we think about risk. Based on 12 months of red teaming, this update introduces seven new failure modes, from supply chain compromise to goal hijacking, and the practical mitigations team...
OutageSCAN Investigating
Disruption with some GitHub services
Jun 4, 04:11 UTC Resolved - Between June 1, 2026, 23:00 UTC and June 4, 2026 04:11 UTC, customers experienced delays in Dependabot scheduled version updates. Pull request creation for version updates was delayed, with delays increasing over time and reaching u...
Microsoft UpdateALERT Medium
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign
A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. The malicious code steals credentials from GitHub, cloud platforms, and local machines, then spr...
VulnerabilityALERT Critical
CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability
Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie.
Microsoft UpdateALERT Medium
Introducing Microsoft Scout: Your always-on personal agent
Microsoft Scout is integrated across the Microsoft 365 apps you use every day, keeping it grounded in your flow of work. The post Introducing Microsoft Scout: Your always-on personal agent appeared first on Microsoft 365 Blog.
Microsoft UpdateALERT Medium
Microsoft Build 2026: Securing code, agents, and models across the development lifecycle
Discover how Microsoft enables fast, secure AI development with MDASH and new security capabilities. The post Microsoft Build 2026: Securing code, agents, and models across the development lifecycle appeared first on Microsoft Security Blog.
Microsoft UpdateALERT Medium
Announcing the new Work IQ APIs
Work IQ is a new intelligence layer for Microsoft 365, designed to understand how work gets done across your organizations. The post Announcing the new Work IQ APIs appeared first on Microsoft 365 Blog.
OutageSCAN Investigating
Delays with Code Scanning and Billing
Jun 2, 00:17 UTC Resolved - Starting from 13:00 UTC June 1, 2026, to 00:17 UTC June 2, 2026, multiple services experienced delayed job processing due to increased latency in our background job queue service. The root cause was insufficient queue processing cap...
VulnerabilityALERT High
CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability
Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.
VulnerabilityALERT High
CVE-2025-48595: Android Framework Integer Overflow Vulnerability
Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.
VulnerabilityALERT High
CVE-2024-21182: Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical dat...
Microsoft UpdateALERT Medium
Malicious npm packages abuse dependency confusion to profile developer environments
A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and detection opportunities to help organizations identify and...
Microsoft UpdateALERT Medium
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection
Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. The post Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection appeared first on Microsoft Security Blog.
Microsoft UpdateALERT Medium
Typosquatted npm packages used to steal cloud and CI/CD secrets
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation guidance to help organizations identify and disrupt rela...
VulnerabilityALERT Critical
CVE-2026-0257: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.
OutageSCAN Investigating
Disruption with OpenAI Models
May 28, 20:41 UTC Resolved - On May 28th, 2026, between approximately 18:27 and 20:41 UTC, the GitHub Copilot service was degraded due to an issue with the Responses API of an upstream provider affecting the GPT-5.2, GPT-5.3-Codex, GPT-5.4, and GPT-5.5 models....
OutageMON Monitoring
Elevated error rates across multiple services
May 28, 19:07 UTC Resolved - On May 28, 2026, between 19:07 UTC and 19:16 UTC, multiple GitHub services experienced elevated error rates. This was due to a change that was partially deployed to an authentication service, causing errors for dependent services i...
Microsoft UpdateALERT Medium
Introducing Microsoft 365 Business with Copilot: The new standard for small business
On July 1, we're introducing new Microsoft 365 SKUs with Copilot built-in, designed to fit into the way small businesses already work. The post Introducing Microsoft 365 Business with Copilot: The new standard for small business appeared first on Microsoft 365...
Microsoft UpdateALERT Medium
Introducing a new design for Microsoft 365 Copilot
We’ve redesigned the Copilot app and how Copilot shows up across Microsoft 365 apps to better move with it: cleaner, faster, and in the flow of your work. The post Introducing a new design for Microsoft 365 Copilot appeared first on Microsoft 365 Blog.
OutageSCAN Investigating
Webhook APIs and UI Degraded
May 28, 01:32 UTC Resolved - On May 28, 2026, between 00:54 UTC and 01:19 UTC, some users experienced errors when interacting with the Webhooks API, including webhook delivery history and configuration endpoints. On average, the error rate was 0.28% and peaked...
OutageSCAN Investigating
Incident with Pull Requests, Issues, Git Operations and API Requests
May 27, 13:16 UTC Resolved - On May 27, 2026, between 12:07 UTC and 13:16 UTC, users experienced degraded performance for Git operations, Pull Requests, Issues, GraphQL API, and related services on github.com. During this time, operations that depended on Git...
VulnerabilityALERT Critical
CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability
Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfuscated payload that could harvested credentials from multiple sources on disk and in memory.
VulnerabilityALERT Critical
CVE-2026-45321: TanStack Unspecified Vulnerability
TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a trusted identity.
VulnerabilityALERT High
CVE-2026-8398: Daemon Tools Lite Embedded Malicious Code Vulnerability
Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availability.
Microsoft UpdateALERT Medium
New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences
Learn what’s new in Copilot Studio, May 2026: computer-using agents are now generally available, plus redesigned workflows and Work IQ extensibility. The post New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences...
OutageSCAN Investigating
Incident with Actions and Pages
May 26, 13:18 UTC Resolved - On May 26, 2026, between 10:40 UTC and 12:56 UTC, GitHub Actions jobs were degraded. From 10:40 to 12:16 UTC, all newly queued Actions runs failed to start. From 12:16 to 12:56 UTC, Actions runs that required downloading actions fo...
VulnerabilityALERT High
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user account to execute arbitrary scripts with root privileges.
OutageOK Resolved
Elevated rate of Git push errors
May 25, 09:02 UTC Resolved - On May 25, 2026, between 09:02 UTC and 09:11 UTC, Git push operations over HTTPS and SSH experienced elevated failures. During this window, an average of 31% and a peak of 43% of push requests failed. The incident was caused by a r...
OutageSCAN Investigating
Intermittent errors with app installation token authentication
May 23, 19:32 UTC Resolved - On May 23, 2026 between 06:00 UTC and 19:12 UTC, GitHub experienced intermittent errors authenticating GitHub app installation tokens. During this time, between 1-5% of app installation token authentication requests failed, with an...
VulnerabilityALERT Critical
CVE-2026-9082: Drupal Core SQL Injection Vulnerability
Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstraction API.
VulnerabilityALERT High
CVE-2025-34291: Langflow Origin Validation Error Vulnerability
Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials an...
VulnerabilityALERT High
CVE-2026-34926: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.
OutageSCAN Investigating
Incident with Actions
May 20, 20:14 UTC Resolved - On May 20, 2026, between 16:00 UTC and 17:45 UTC, GitHub Actions customers experienced run start delays exceeding 5 minutes. Approximately 4.5% of all runs were delayed during the impact window, with scale set jobs disproportionate...
VulnerabilityALERT High
CVE-2008-4250: Microsoft Windows Buffer Overflow Vulnerability
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.
VulnerabilityALERT High
CVE-2009-1537: Microsoft DirectX NULL Byte Overwrite Vulnerability
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.
VulnerabilityALERT High
CVE-2009-3459: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability
Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
VulnerabilityALERT High
CVE-2010-0249: Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS...
VulnerabilityALERT High
CVE-2010-0806: Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL)...
VulnerabilityALERT High
CVE-2026-41091: Microsoft Defender Link Following Vulnerability
Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.
VulnerabilityALERT High
CVE-2026-45498: Microsoft Defender Denial of Service Vulnerability
Microsoft Defender contains an unspecified vulnerability that allows for denial of service.
OutageMON Monitoring
Incident with Copilot
May 19, 05:30 UTC Resolved - On May 19, 2026, between 05:30 UTC and 14:50 UTC, some Copilot users experienced failures when using code completions, chat sessions, and cloud agent sessions. At peak impact, approximately 13% of Copilot API requests failed, and a...
OutageSCAN Investigating
Actions is experiencing degraded availability
May 15, 08:48 UTC Resolved - On May 15, 2026, from approximately 07:43 UTC to 08:48 UTC, GitHub Actions experienced a degradation that caused workflow runs to fail or experience delayed starts for a subset of customers. The incident was triggered by a planned...
OutageWARN Identified
[Retroactive] Incident with GitHub.com
May 15, 02:30 UTC Resolved - Beginning at 02:49 UTC on May 15 2026 and lasting until 03:04 UTC, GitHub.com was unavailable for a subset of customers. This impact has been mitigated and normal service resumed. The issue was rooted in a sudden spike in traffic...
VulnerabilityALERT High
CVE-2026-42897: Microsoft Exchange Server Cross-Site Scripting Vulnerability
Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.
VulnerabilityALERT Critical
CVE-2026-20182: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
OutageSCAN Investigating
Incident with CodeQL
May 13, 16:03 UTC Resolved - On May 13, 2026, between 14:31 and 16:03 UTC, the Code Scanning service experienced processing delays and 12% of check runs took over 15 minutes to complete. The delays were caused by replication lag due to an internal database mig...
Microsoft UpdateALERT Medium
New and improved: Agent governance, intelligent workflows, and connected app experiences
See what's new in Copilot Studio, April 2026: updates to workflows, increased control over agent operations, and an expanded agent usage estimator. The post New and improved: Agent governance, intelligent workflows, and connected app experiences appeared first...
VulnerabilityALERT High
CVE-2026-42208: BerriAI LiteLLM SQL Injection Vulnerability
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and the credentials it manages.
VulnerabilityALERT Critical
CVE-2026-6973: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
VulnerabilityALERT High
CVE-2026-0300: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series f...
Microsoft UpdateALERT Medium
Copilot Cowork: From conversation to action across skills, integrations, and devices
Today, we’re announcing additional capabilities in Cowork to expand on what it can make possible for you. The post Copilot Cowork: From conversation to action across skills, integrations, and devices appeared first on Microsoft 365 Blog.
Microsoft UpdateALERT Medium
Microsoft 365 Copilot, human agency, and the opportunity for every organization
As AI and agents take on more of the execution, people have more agency than ever to unlock their ambition, direct what gets done, and own the outcomes. The post Microsoft 365 Copilot, human agency, and the opportunity for every organization appeared first on...
Microsoft UpdateALERT Medium
Microsoft Agent 365, now generally available, expands capabilities and integrations
Microsoft Agent 365 helps you take control of agent sprawl as your control plane to observe, govern, and secure agents and their interactions. The post Microsoft Agent 365, now generally available, expands capabilities and integrations appeared first on Micros...
VulnerabilityALERT Critical
CVE-2026-31431: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability
Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.
VulnerabilityALERT Critical
CVE-2026-41940: WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability
WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
VulnerabilityALERT Critical
CVE-2024-1708: ConnectWise ScreenConnect Path Traversal Vulnerability
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
VulnerabilityALERT High
CVE-2026-32202: Microsoft Windows Protection Mechanism Failure Vulnerability
Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
VulnerabilityALERT Critical
CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability
D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end...
VulnerabilityALERT High
CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability
Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.
VulnerabilityALERT Critical
CVE-2024-57728: SimpleHelp Path Traversal Vulnerability
SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the...
VulnerabilityALERT Critical
CVE-2024-57726: SimpleHelp Missing Authorization Vulnerability
SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.
Microsoft UpdateALERT Medium
Copilot’s agentic capabilities in Word, Excel, and PowerPoint are generally available
From first draft to final polish, Copilot acts as a true collaborator, taking action while you stay in control. The post Copilot’s agentic capabilities in Word, Excel, and PowerPoint are generally available appeared first on Microsoft 365 Blog.
VulnerabilityALERT Critical
CVE-2026-39987: Marimo Remote Code Execution Vulnerability
Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands.
VulnerabilityALERT High
CVE-2026-33825: Microsoft Defender Insufficient Granularity of Access Control Vulnerability
Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.
VulnerabilityALERT High
CVE-2026-20122: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file syst...
VulnerabilityALERT High
CVE-2026-20133: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.
VulnerabilityALERT High
CVE-2025-2749: Kentico Xperience Path Traversal Vulnerability
Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations.
VulnerabilityALERT Critical
CVE-2023-27351: PaperCut NG/MF Improper Authentication Vulnerability
PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class.
VulnerabilityALERT High
CVE-2025-48700: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information.
VulnerabilityALERT High
CVE-2026-20128: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user...
VulnerabilityALERT High
CVE-2025-32975: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attackers to impersonate legitimate users without valid credentials.
VulnerabilityALERT Critical
CVE-2024-27199: JetBrains TeamCity Relative Path Traversal Vulnerability
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.
VulnerabilityALERT High
CVE-2026-34197: Apache ActiveMQ Improper Input Validation Vulnerability
Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.
VulnerabilityALERT Critical
CVE-2009-0238: Microsoft Office Remote Code Execution
Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.
VulnerabilityALERT High
CVE-2026-32201: Microsoft SharePoint Server Improper Input Validation Vulnerability
Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.
VulnerabilityALERT Critical
CVE-2012-1854: Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.
VulnerabilityALERT High
CVE-2025-60710: Microsoft Windows Link Following Vulnerability
Microsoft Windows contains a link following vulnerability that allows for privilege escalation
VulnerabilityALERT Critical
CVE-2023-21529: Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability
Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.
VulnerabilityALERT High
CVE-2023-36424: Microsoft Windows Out-of-Bounds Read Vulnerability
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation
VulnerabilityALERT High
CVE-2020-9715: Adobe Acrobat Use-After-Free Vulnerability
Adobe Acrobat contains a use-after-free vulnerability that allows for code execution
VulnerabilityALERT High
CVE-2026-21643: Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
VulnerabilityALERT High
CVE-2026-34621: Adobe Acrobat and Reader Prototype Pollution Vulnerability
Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.
Microsoft UpdateALERT High
Windows Update Causing VPN Failures in Enterprise Networks
Reports indicate KB507001 can interrupt split-tunnel VPN connectivity for domain-joined endpoints.
OutageALERT HighMON Monitoring
Google Cloud Services Partial Outage
Google Cloud experiencing intermittent connectivity issues affecting GCP services in US-Central region. Performance degradation reported.
VulnerabilityALERT Critical
CVE-2026-1340: Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
VulnerabilityALERT High
CVE-2026-35616: Fortinet FortiClient EMS Improper Access Control Vulnerability
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
VulnerabilityALERT High
CVE-2026-3502: TrueConf Client Download of Code Without Integrity Check Vulnerability
TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result i...
VulnerabilityALERT High
CVE-2026-5281: Google Dawn Use-After-Free Vulnerability
Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but...
VulnerabilityALERT High
CVE-2026-3055: Citrix NetScaler Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread.
VulnerabilityALERT Critical
CVE-2025-53521: F5 BIG-IP Stack-Based Buffer Overflow Vulnerability
F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.
VulnerabilityALERT High
CVE-2026-33634: Aquasecurity Trivy Embedded Malicious Code Vulnerability
Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, including all tokens, SSH keys, cloud credentials, database passwords, and any sensitive configuration in m...
VulnerabilityALERT High
CVE-2026-33017: Langflow Code Injection Vulnerability
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.
VulnerabilityALERT High
CVE-2025-32432: Craft CMS Code Injection Vulnerability
Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.
VulnerabilityALERT High
CVE-2025-54068: Laravel Livewire Code Injection Vulnerability
Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.
VulnerabilityALERT High
CVE-2025-43510: Apple Multiple Products Improper Locking Vulnerability
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.
VulnerabilityALERT High
CVE-2025-43520: Apple Multiple Products Classic Buffer Overflow Vulnerability
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory.
VulnerabilityALERT High
CVE-2025-31277: Apple Multiple Products Buffer Overflow Vulnerability
Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may lead to memory corruption.
VulnerabilityALERT Critical
CVE-2026-20131: Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attack...
VulnerabilityALERT High
CVE-2025-66376: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading Style Sheets (CSS) @import directives in email HTML.
VulnerabilityALERT Critical
CVE-2026-20963: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
VulnerabilityALERT High
CVE-2025-47813: Wing FTP Server Information Disclosure Vulnerability
Wing FTP Server contains a generation of error message containing sensitive information vulnerability when using a long value in the UID cookie.
VulnerabilityALERT High
CVE-2026-3910: Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability
Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple...
VulnerabilityALERT High
CVE-2026-3909: Google Skia Out-of-Bounds Write Vulnerability
Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.
VulnerabilityALERT Critical
CVE-2025-68613: n8n Improper Control of Dynamically-Managed Code Resources Vulnerability
n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.
VulnerabilityALERT Critical
CVE-2025-53770: Microsoft SharePoint Server remote code execution vulnerability
Known exploited SharePoint Server vulnerability requiring urgent mitigation, exposure review, and patch validation.
VulnerabilityALERT Critical
CVE-2024-3400: Palo Alto PAN-OS command injection vulnerability
Known exploited PAN-OS command injection vulnerability affecting firewall management and GlobalProtect deployments.
VulnerabilityALERT Critical
CVE-2023-34362: MOVEit Transfer SQL injection vulnerability
Known exploited MOVEit Transfer SQL injection vulnerability associated with data theft campaigns.
VulnerabilityALERT Critical
CVE-2021-44228: Apache Log4j remote code execution vulnerability
Log4Shell remains a high-priority enterprise exposure because vulnerable Java dependencies can persist in applications and appliances.