#CVE
Gravity SMTP bug turns WordPress email settings into an attacker map
Gravity SMTP bug turns WordPress email settings into an attacker map Attackers are actively exploiting CVE-2026-4020, a Gravity SMTP [vulnerability](https://inv...
Lucas Oliveira
Research
Splunk Enterprise CVE-2026-20253 hits KEV as exploitation begins
Splunk Enterprise CVE-2026-20253 hits KEV as exploitation begins Splunk's June 18, 2026 advisory update changed CVE-2026-20253 from a patch-now issue into an ac...
Lucas Oliveira
Research
Joomla JCE exploitation forces defenders beyond simple patching
Joomla JCE exploitation forces defenders beyond simple patching On Friday, June 19, 2026, defenders running Joomla sites with the JCE editor are at a deadline,...
Lucas Oliveira
Research
Check Point hotfixes actively exploited IKEv1 VPN bypass
Check Point hotfixes actively exploited IKEv1 VPN bypass CVE-2026-50751 is the kind of security flaw that punishes organizations for leaving legacy remote-acces...
Lucas Oliveira
Research
Cisco patches another SD-WAN zero-day after limited exploitation
Cisco patches another SD-WAN zero-day after limited exploitation Cisco has disclosed yet another actively exploited weakness in its SD-WAN stack, and the import...
Lucas Oliveira
Research
YellowKey fix lands in June baseline: patch BitLocker fleets now
YellowKey fix lands in June baseline: patch BitLocker fleets now Microsoft has now closed the patch gap for CVE-2026-45585, the public BitLocker bypass widely r...
Lucas Oliveira
Research
Exchange CVE-2026-42897 patches land after active OWA exploitation
Exchange CVE-2026-42897 patches land after active OWA exploitation Microsoft has now shipped the June 2026 Exchange security updates for CVE-2026-42897, ending...
Lucas Oliveira
Research
Veeam CVE-2026-44963 puts domain-joined backup servers at RCE risk
Veeam CVE-2026-44963 puts domain-joined backup servers at RCE risk Veeam has patched CVE-2026-44963, a critical [vulnerability](https://invaders.ie/resources/gl...
Lucas Oliveira
Research
Cisco CUCM SSRF bug turns WebDialer exposure into a path toward root
Cisco CUCM SSRF bug turns WebDialer exposure into a path toward root Cisco's latest Unified Communications Manager advisory deserves attention because it turns...
Lucas Oliveira
Research
CVE-2026-45247: Mirasvit Cache Warmer RCE Threatens Magento Stores
CVE-2026-45247: Mirasvit Cache Warmer RCE Threatens Magento Stores Executive Summary CVE-2026-45247 is a critical [vulnerability](https://invaders.ie/resources/...
Lucas Oliveira
Research
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline CVE-2026-48172 has escalated from vendor emergency to federal patching priority. On May 26, 2...
Lucas Oliveira
Research
CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks
CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks | 2026 Executive Summary CVE-2026-45829 is a critical ChromaDB flaw that can let unauthenticated attacke...
Lucas Oliveira
Research