Security & Risk
50 analyses
The largest update in the history of the program brings six zero-days, one of which, CVE-2026-41091, has confirmed active exploitation in Microsoft Defender. CISA has already mandated federal agencies to apply the package.
CVE-2026-50751 has a CVSS of 9.3 and allows authentication bypass in IKEv1 deployments; Qilin affiliates have been exploiting the vulnerability since May 7, according to Check Point.
The June 9 Patch Tuesday brings 200 vulnerabilities, 33 critical, three zero-days publicly disclosed, and CVE-2026-45657 with a CVSS of 9.8 in the Windows TCP/IP kernel.
Microsoft delivers a definitive fix for CVE-2026-42897, an XSS vulnerability in Outlook Web Access exploited since mid-May, on the same day SAP closes a critical SAML vulnerability.
CVE-2026-20245 allows command execution as root on the Catalyst SD-WAN Manager. Mandiant detected exploitation before the disclosure. Cisco has not released a fix yet.
CVE-2026-20245, CVSS 7.8, affects all deployment models of the Catalyst SD-WAN Manager with no patch available. Google Mandiant researchers reported the vulnerability, actively exploited since before the advisory on June 5.
Use-after-free vulnerability with CVSS 8.8 was present in the client unblock flow since version 7.2.0, released in August 2023. The bug was uncovered by an autonomous bug bounty tool.
Record Net New ARR of $256 million and a 4-for-1 stock split raised the annual guidance, but billings below consensus punished the stock after the market closed on June 3.
Anthropic's unreleased frontier model has already identified over 10,000 critical vulnerabilities. The company allocates $100 million in usage credits and $4 million in donations for open-source security.
Mandate effective from 1 June for individual users of Trusted Access for Cyber with access to GPT-5.5, GPT-5.5-Cyber, and GPT-5.4-Cyber. Yubico provides a dual pack of YubiKey dedicated for this purpose.
Sysdig's Threat Research Team reported the first autonomous intrusion conducted by an LLM agent: via CVE-2026-39987 on Marimo (CVSS 9.3), the attacker exfiltrated a PostgreSQL database in under an hour, without pre-written scripts.
The vulnerability allows complete takeover of instances by a remote attacker without login and opens the new monthly critical patch cycle of Oracle. ORDS versions 24.2.0 to 26.1.0 are affected.