Ransomware gangs are exploiting the BlueHammer vulnerability in Microsoft Defender for privilege escalation, putting Windows systems at widespread risk.
CVE-2026-46817 in Oracle E-Business Suite is already being exploited by attackers and enables complete takeover of affected systems by bypassing authentication and privilege control mechanisms.
The Linux vulnerability CVE-2026-43503 enables local attackers to escalate privileges to root through memory manipulation during network packet processing, leaves no traces, and is particularly critical in container and multi-tenant environments.
A widely distributed YouTube ad blocker extension with over 10 million downloads can be abused through server-side configuration to execute arbitrary malicious code without evidence of active abuse to date.
Kernel vulnerability CVE-2026-46331 allows local users to escalate privileges to root through the packet editing module with a publicly available exploit.
Unauthenticated attackers can manipulate privileged processes and take over code repositories through insecure permission configurations in GitHub Actions.
Microsoft 365 Copilot contains multiple remotely exploitable vulnerabilities that allow unauthenticated attackers to perform privilege escalation, command injection, and data access.
A missing authorization check in backend APIs allowed unauthorized users to access critical streaming and match data systems for the 2026 World Cup through FIFA’s public agents portal.
Cisco ISE contains multiple vulnerabilities that compromise critical system functions (code execution, privilege escalation, data access) and pose a high risk to network authentication.
A critical privilege escalation vulnerability (CVE-2026-54420) in the LiteSpeed cPanel plugin is being actively exploited and requires immediate patching to version 2.4.8 or higher.