Archiv für Juni 2026

Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker with netadmin privileges to execute arbitrary commands as root by uploading a crafted file. Cisco says exploitation has already been observed in limited cases, […]

A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly effective modern attack. SecurityWeek reports that researchers at Calif demonstrated an HTTP/2 Bomb exploit capable of knocking major web servers offline within seconds by combining a compression bomb with a Slowloris-style hold that prevents the […]