CVE-2026-46817 in Oracle E-Business Suite is already being exploited by attackers and enables complete takeover of affected systems by bypassing authentication and privilege control mechanisms.
The Cisco vulnerability CVE-2026-20230 (CVSS 8.6) is being actively exploited weeks after patch release in June and enables root access through SSRF and file operations.
An actively exploited XSS vulnerability in Exchange OWA is being patched for current versions but remains unfixed for Exchange 2016/2019 without paid Extended Support.
CVE-2026-48907 in Joomla JCE enables unauthenticated code execution with CVSS 10.0 and is being actively exploited, while large-scale WordPress attack campaigns run parallel through manipulated plugins.
One in six breaches involves third parties, and even rapid patches fail to prevent most incidents—therefore incident exercises must prioritize operational resilience and third-party scenarios.
Multiple antivirus solutions are blocking update files for Siemens Desigo CC (versions 7–9) due to a compiled PowerShell script triggering heuristic detection mechanisms — supply chain compromise has been ruled out.