Advisories 12 June 2026

Fortinet FortiCloud SSO Authentication Bypass Actively Exploited Against FortiGate Firewalls (CVE-2026-24858)

Scope: FortiOS, FortiManager, FortiAnalyzer, FortiWeb, FortiProxy, FortiSwitch Manager (FortiCloud S

Advisories 12 June 2026
Windows HTTP.sys Integer Overflow Enables Unauthenticated RCE, "Exploitation More Likely" (CVE-2026-47291)

Scope: Windows Server (All Supported Versions Running IIS, WinRM, or Other HTTP.sys-Dependent Servic

Advisories 12 June 2026
Windows Kernel Use-After-Free Remote Code Execution Patched in Record June 2026 Patch Tuesday (CVE-2026-45657)

Scope: Windows 11 (Versions 23H2 through 26H1) and Windows Server 2022, 2025 (Including Server Core)

Advisories 10 June 2026
Google Chrome V8 Zero-Day Under Active Exploitation (CVE-2026-11645)

Scope: Google Chrome Prior to 149.0.7827.103 (Windows/macOS) and 149.0.7827.102 (Linux), All Chromiu

Advisories 10 June 2026
Microsoft Defender "RoguePlanet" Race Condition Zero-Day Grants SYSTEM Privileges on Fully Patched Windows

Scope: Microsoft Windows 10 and Windows 11 (Including June 2026 Patch Tuesday Updates)

Advisories 10 June 2026
SolarWinds Serv-U Unauthenticated Denial of Service Added to CISA KEV (CVE-2026-28318)

Scope: SolarWinds Serv-U (All Versions Prior to 15.5.4 HF1)

Advisories 4 June 2026
Mirasvit Magento Full Page Cache Warmer PHP Object Injection Under Active Exploitation (CVE-2026-45247)

Scope: Mirasvit Full Page Cache Warmer for Magento 2 / Adobe Commerce (Versions Prior to 1.11.12)

Subscribe to Advisories