Multiple vulnerabilities in PowerDNS allow remote attackers to conduct DoS attacks, cache poisoning, and bypass security checks without authentication.
Multiple vulnerabilities in NGINX products compromise availability, integrity, and system security; extensive data manipulation and code execution are possible.
Vulnerabilities CVE-2026-55200 (CVSS 9.2) and CVE-2026-55199 (CVSS 8.2) in libssh2 1.11.1 and older versions require immediate patches, but are not yet available in official releases.
VMware Tanzu Spring Framework is affected by multiple vulnerabilities that enable privilege escalation, remote code execution, denial of service, and additional attack scenarios.
SolarWinds Serv-U is vulnerable to unauthenticated DoS attacks through CVE-2026-28318 (CVSS 7.5); CISA reports active exploitation and sets a deadline of June 19, 2026.
A vulnerability in Red Hat Advanced Cluster Management enables authenticated attackers to execute code and carry out DoS attacks on central cluster management infrastructure.