soc

📅 Kalender

< July 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
123
4
5
678910
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Gefiltert nach: 16. Juli 2026
soc

CVE-2026-42533: Critical NGINX Map Regex Flaw Can Trigger Heap Buffer Overflow and Possible RCE

F5 has disclosed multiple NGINX Vulnerabilities in an out-of-band security update, with CVE-2026-42533 standing out as one of the most dangerous issues in the batch. The flaw is a heap buffer overflow in NGINX’s handling of the map directive when regular expression matching references regex variables in a specific order. In vulnerable deployments, a remote […]

Mehr lesen →
soc

CVE-2026-56164 and CVE-2026-56155: Two Exploited Microsoft Zero-Days Put SharePoint and AD FS at Risk

Microsoft’s July 2026 Patch Tuesday drew immediate attention not just because of its record scale, but because two actively exploited zero-days hit some of the most sensitive parts of enterprise infrastructure. CVE-2026-56164 targets on-premises SharePoint Server and is remotely exploitable in low-complexity attacks, while CVE-2026-56155 targets Active Directory Federation Services and allows privilege escalation from […]

Mehr lesen →
soc

CVE-2026-15410 and CVE-2026-15409: SonicWall SMA 1000 Zero-Days Exploited in the Wild

SonicWall has patched two actively exploited zero-days affecting SMA 1000 Series secure remote access appliances. The issues are CVE-2026-15409, a critical unauthenticated SSRF flaw in the Workplace interface, and CVE-2026-15410, a post-authentication code injection flaw in the Appliance Management Console that can lead to arbitrary OS command execution as administrator under certain conditions. Public reporting […]

Mehr lesen →