A critical authentication bypass in the peering handshake of Cisco Catalyst SD-WAN Controller and Manager lets an unauthenticated remote attacker and issue arbitrary NETCONF commands.
Read more about Emerging Threat: (CVE-2026-20182) Cisco Catalyst SD-WAN Authentication Bypass
CyCognito Blog
Posts by Igal Zeifman
Search the Blog
A heap buffer overflow in NGINX’s rewrite module lets an unauthenticated attacker crash worker processes with a single crafted HTTP request, and on hosts with ASLR disabled can be leveraged for remote code execution.
Read more about Emerging Threat: (CVE-2026-42945) NGINX Rift Heap Overflow in Rewrite ModuleA cross-site scripting vulnerability in Microsoft Exchange Server’s Outlook Web Access lets an unauthenticated attacker execute arbitrary JavaScript in a victim’s browser session by sending a specially crafted email, and is already being exploited in the wild.
Read more about Emerging Threat: (CVE-2026-42897) Microsoft Exchange OWA Cross-Site Scripting via Crafted EmailA critical use-after-free vulnerability in Exim’s BDAT message body parsing path, allows an unauthenticated network attacker to execute arbitrary code on the underlying mail server.
Read more about Emerging Threat: (CVE-2026-45185) Exim Remote Code Execution via BDAT over GnuTLSAn authenticated admin RCE vulnerability in Ivanti Endpoint Manager Mobile is being actively exploited in the wild.
Read more about Emerging Threat: CVE-2026-6973, Authenticated Admin RCE in Ivanti Endpoint Manager MobileA critical pre-authentication CRLF injection vulnerability in cPanel and WHM allows unauthenticated remote attackers to inject crafted lines into pre-auth session files and promote themselves to root, granting full administrative control
Read more about Emerging Threat: (CVE-2026-41940) cPanel & WHM Authentication Bypass via CRLF InjectionAn unauthenticated arbitrary file upload vulnerability in the Breeze Cache plugin for WordPress allows attackers to drop a PHP webshell onto the server through the plugin’s Gravatar-fetching function, leading to remote code execution on affected sites.
Read more about Emerging Threat: (CVE-2026-3844) WordPress Breeze Cache Plugin Unauthenticated File UploadA command injection vulnerability in GitHub Enterprise Server’s git push pipeline allows any authenticated user with repository push access to execute arbitrary commands on the underlying instance using a single crafted git push.
Read more about Emerging Threat: (CVE-2026-3854) GitHub Enterprise Server RCE via Git Push InjectionA critical command injection flaw in Cisco ISE and ISE-PIC lets an authenticated administrator run arbitrary commands as root on the appliance.
Read more about Emerging Threat: (CVE-2026-20147) Cisco ISE Remote Code ExecutionA cryptographic signature verification flaw in ASP.NET Core’s Data Protection library lets an unauthenticated attacker forge authentication cookies and other protected payloads, allowing impersonation of privileged users on Linux-hosted applications running Microsoft.AspNetCore.DataProtection 10.0.0 through 10.0.6.
Read more about Emerging Threat: (CVE-2026-40372) ASP.NET Core Privilege Escalation via Signature Bypass