Weekly Threat Landscape Digest – Week 23

1. Actively exploited Remote Code Execution Vulnerability in Magento 2

Overview

• A critical Remote Code Execution (RCE) vulnerability (CVE-2026-45247) affects Mirasvit Full Page Cache Warmer for Magento 2.
• The vulnerability stems from insecure deserialization of untrusted data via the CacheWarmer cookie using PHP’s unserialize() function.
• Assigned a CVSS v3.1 score of 9.8 and CVSS v4.0 score of 9.3.
• No authentication or user interaction is required for exploitation.
• Attackers send crafted serialized PHP objects to achieve remote code execution using available gadget chains in Magento and dependencies.

Impact

• Enables unauthenticated attackers to execute arbitrary PHP code on affected servers.
• The vulnerability is currently being actively exploited in the wild.
• Included in the Known Exploited Vulnerabilities (KEV) Catalog.

Affected / Fixed Versions

• Affected: All versions prior to 1.11.12 of Mirasvit Full Page Cache Warmer for Magento 2.
• Fixed: Version 1.11.12 released on May 25, 2026, with further stability improvements in 1.11.13.

Recommendations

• Immediately update to version 1.11.12 or later to mitigate active exploitation risk.
• Monitor relevant systems for suspicious activity related to CacheWarmer cookie manipulation.

Reference

https://mirasvit.com/package/changelog/?package=mirasvit/module-cache-warmer

2. Security Updates – Chrome OS

Overview

• Google released a Long Term Support (LTS) update for Chrome OS addressing multiple high and critical severity vulnerabilities.
• Fixes include memory corruption, input validation errors, race conditions, and sandbox escapes affecting GPU, networking, extensions, printing, passwords, WebCodecs, accessibility, MHTML, performance manager, and Blink components.

Impact

• Successful exploitation can lead to arbitrary code execution, privilege escalation, sandbox bypass, network traffic interception or manipulation, access to sensitive data or credentials, and system crashes.

Vulnerabilities

• Critical: CVE-2026-9887, CVE-2026-9873, CVE-2026-9891 (use after free in Proxy, Network, Extensions)
• High: CVE-2026-9934, CVE-2026-9895, CVE-2026-9980, CVE-2026-10004, CVE-2026-10013, CVE-2026-9894, CVE-2026-9992, CVE-2026-9902, CVE-2026-2314, CVE-2026-7351, CVE-2026-10001 (use after free, out of bounds read, insufficient input validation, heap buffer overflow, race condition)
• Medium: CVE-2026-4462 (out of bounds read in Blink)

Affected / Fixed Versions

• Fixed in LTS-144 version 144.0.7559.254 (Platform Version: 16503.86.0)

Recommendations

• Apply the Chrome OS LTS update 144.0.7559.254 immediately to mitigate the vulnerabilities.

Reference

https://chromereleases.googleblog.com/2026/06/long-term-support-channel-update-for.html

3. Critical Vulnerability in Cisco Unified Communications Manager

Overview

• A critical server-side request forgery (SSRF) vulnerability (CVE-2026-20230) exists in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME).
• The vulnerability stems from improper input validation in specific HTTP requests, exploitable by unauthenticated attackers.
• Exploitation can allow writing files to the underlying operating system, potentially leading to root privilege escalation.
• Proof-of-concept exploit code is publicly available.

Impact

• Unauthorized file write to the OS by unauthenticated attackers.
• Possible escalation to root privileges, severely compromising affected systems.

Affected / Fixed Versions

• Affected products: Cisco Unified CM and Unified CM SME with the WebDialer service enabled.
• Fixed versions:
•   Unified CM 14: Upgrade to 14SU6
•   Unified CM 15: Upgrade to 15SU5 (scheduled for September 2026) or apply the Cisco Out-of-Band Patch (COP).

Recommendations

• Immediately apply available patches when released.
• Disable the WebDialer service until patches can be installed.
• Monitor for exploitation attempts due to public availability of PoC.

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW

4. Critical Vulnerability in Langflow

Overview

• A critical Remote Code Execution (RCE) vulnerability (CVE-2026-48519) has been discovered in the AI workflow orchestration platform Langflow.
• The vulnerability allows exploitation via a crafted JSON payload containing malicious Python code.

Impact

• Successful exploitation results in remote code execution, posing significant risk to affected systems.
• CVSS score: 9.6 (Critical).

Affected / Fixed Versions

• Affected: Langflow version 1.9.1 and earlier.
• Fixed: Langflow version 1.9.2 and later.

Recommendations

• Immediately upgrade Langflow to version 1.9.2 or later to mitigate the vulnerability.

Reference

https://github.com/langflow-ai/langflow/releases/tag/1.9.5

5. Multiple Vulnerabilities in Apache ActiveMQ

Overview

• Multiple vulnerabilities in Apache ActiveMQ allow authenticated attackers to execute remote code via the Jolokia management interface and bypass previous security fixes.
• Exploitation can lead to full compromise of the ActiveMQ broker, unauthorized administrative actions, and disruption of enterprise messaging services.

Impact

• Remote code execution (CVE-2026-42588, CVE-2026-45505)
• Privilege management weaknesses (CVE-2026-49157)
• Header injection (CVE-2026-42253)

Affected / Fixed Versions

• Affected:
•   Apache ActiveMQ Broker (org.apache.activemq:activemq-broker) versions before 5.19.7
•   Versions 6.0.0 before 6.2.6
•   Apache ActiveMQ All (org.apache.activemq:activemq-all) before 5.19.7 and 6.0.0 before 6.2.6
•   Apache ActiveMQ (org.apache.activemq:apache-activemq) before 5.19.7 and 6.0.0 before 6.2.6
• Fixed:
•   Apache ActiveMQ 5.19.7 and 6.2.6

Recommendations

• Upgrade affected Apache ActiveMQ installations to versions 5.19.7 or 6.2.6 immediately.
• Restrict access to Jolokia and other management interfaces to trusted personnel and systems only.

Reference

https://lists.apache.org/thread/ns0zktfo16s9ql2mmtqtlb6p6xcs45xm

https://lists.apache.org/thread/7n97nddyw96w6ykldjv1h40jx86xdo0w

https://lists.apache.org/thread/rrcsf6s90hj4tdh89nvkko75q5505rj8

6. Critical Vulnerability in Apache Solr

Overview

• CVE-2026-44825 is a critical hardcoded credentials vulnerability in Apache Solr’s Basic Authentication setup utility (bin/solr auth enable).
• The utility creates additional template user accounts with publicly known credentials alongside user-defined accounts.
• Exploitation allows attackers to gain unauthorized administrative access to Solr clusters.

Impact

• Unauthorized administrative access to Solr clusters.
• Potential for configuration changes, unauthorized data access, service disruption, and compromise of cluster integrity.

Affected / Fixed Versions

• Affected: Apache Solr (org.apache.solr:solr-core) versions 9.4.0 through 9.10.1 and 10.0.0.
• Not affected: Clusters where bin/solr auth enable was not used to bootstrap Basic Authentication or template user passwords have been changed.
• Fixed in forthcoming releases: Apache Solr 9.11.0 and 10.1.0 or later.

Recommendations

• Identify systems with Basic Authentication configured via bin/solr auth enable.
• Remove template accounts (superadmin, admin, search, index) from security.json or change their passwords immediately.
• Audit authentication configurations and remove unnecessary accounts.
• Restrict exposure of administrative interfaces to the public.
• Monitor authentication logs for unauthorized attempts.
• Prioritize upgrades to versions 9.11.0 or 10.1.0 once available.
• Conduct periodic credential and access reviews on Solr deployments.

Reference

https://www.tenable.com/cve/CVE-2026-44825

7. Multiple Vulnerabilities in HPE Telco Network Function Virtualization Orchestrator

Overview

• Multiple vulnerabilities identified in HPE Telco Network Function Virtualization Orchestrator.
• Issues include potential for denial-of-service (DoS), unauthorized remote access, memory corruption, buffer overflow, and input validation bypass.

Impact

• CVE-2025-68121: Critical severity (CVSS 10.0), allowing full system compromise impacting confidentiality, integrity, and availability.
• CVE-2025-25679, CVE-2025-61726, CVE-2026-2391, CVE-2026-25639, CVE-2026-35554: High severity vulnerabilities enabling service disruption, integrity impact, or availability compromise.
• CVE-2025-11143, CVE-2025-13465, CVE-2025-61728, CVE-2026-40453: Medium severity vulnerabilities allowing unauthorized actions, limited information disclosure, or service disruption under specific conditions.

Affected / Fixed Versions

• Affected: HPE Telco Network Function Virtualization Orchestrator version 7.6.0 and earlier.
• Fixed: Version 7.7.0 and later.

Recommendations

• Upgrade affected deployments to version 7.7.0 or later to mitigate these vulnerabilities.

Reference

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05060en_us&docLocale

8. Critical RCE Vulnerability in HP Poly Voice Devices

Overview

• A critical remote code execution vulnerability (CVE-2026-0826) was disclosed in several HP Poly Voice devices running on Linux.
• The vulnerability allows unauthenticated remote attackers to execute arbitrary code when Interactive Connectivity Establishment (ICE) is enabled.
• Exploitation could lead to full system compromise, unauthorized access, malicious code execution, disruption of communication services, and lateral movement within the network.
• CVSS v4.0 score is 9.2.

Impact

• Remote Code Execution (RCE) on affected HP Poly Voice devices.
• Potential full compromise and network pivoting.

Affected / Fixed Versions

• VVX Series UCS: fixed firmware version 6.4.8 (pending release).
• Trio 8300 UCS: fixed firmware version 8.1.7.
• Trio 8500 UCS: fixed firmware version 7.2.8.
• Trio 8800 UCS: fixed firmware version 7.2.8.

Recommendations

• Upgrade all affected Poly Voice devices to the latest firmware versions as soon as they become available.
• Disable Interactive Connectivity Establishment (ICE) on Poly Voice devices if not required for business operations.

Reference

https://support.hp.com/ph-en/document/ish_15052661-15052687-16/hpsbpy04083

9. Critical Vulnerability in ArcGIS Server

Overview

• Esri released the ArcGIS Server Security 2026 Update 2 Patch addressing two vulnerabilities in ArcGIS Server versions prior to 12.0.
• CVE-2026-9181 is a critical directory traversal vulnerability allowing unauthenticated access to sensitive files via crafted path parameters.
• CVE-2026-9182 is an unrestricted file upload vulnerability permitting unauthenticated attackers to upload arbitrary files.

Impact

• CVE-2026-9181 (Critical): CVSS v3.1 base score 9.8; allows access to sensitive system files.
• CVE-2026-9182 (Medium): CVSS v3.1 base score 5.3; may allow arbitrary file uploads which could lead to further compromise.

Affected / Fixed Versions

• Affects ArcGIS Server versions earlier than 12.0.
• Fixed in ArcGIS Server 12.0 Security Update 2 Patch.

Recommendations

• Immediately apply the ArcGIS Server Security 2026 Update 2 Patch, especially on internet-facing systems.
• Implement patching within two weeks of patch release.

Reference

https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/may-2026-arcgis-security-bulletin

https://support.esri.com/en-us/patches-updates/2026/arcgis-server-security-2026-update-2-patch

10. Security Updates – Android

Overview

• Google released the June 2026 Android Security Bulletin addressing multiple vulnerabilities in Android OS components including Framework, System, Kernel, Google Play system modules, and vendor-specific components from Qualcomm, MediaTek, Imagination Technologies, and Unisoc.
• Vulnerabilities include remote code execution, escalation of privilege, information disclosure, and denial-of-service issues.
• Notable CVEs include CVE-2025-65018, CVE-2026-0043, CVE-2026-0097, CVE-2025-47392, CVE-2026-25276, CVE-2025-48595 among others.
• CVE-2025-48595 is reported to be under limited, targeted exploitation.

Impact

• Exploitation may allow attackers to gain elevated privileges, execute arbitrary code, disclose sensitive information, disrupt device functionality, or compromise device security.

Affected / Fixed Versions

• Affected Android versions: 14, 15, 16, and 16-qpr2.
• Affected components include kernel, modem, GPU, display, and closed-source chipset modules from Qualcomm, MediaTek, Unisoc, and Imagination Technologies.
• Security patches with levels 2026-06-01 and 2026-06-05 address these vulnerabilities.

Recommendations

• Update Android devices to the latest security patch level as soon as possible.

Reference

https://source.android.com/docs/security/bulletin/2026/2026-06-01

11. Privilege Escalation Vulnerability in Ivanti Neurons for ITSM

Overview

• CVE-2026-9614 is an improper access control vulnerability in Ivanti Neurons for ITSM.
• Allows a remote authenticated attacker with low privileges to escalate to administrative access.

Impact

• Unauthorized access to sensitive information.
• Potential modification of system configurations.
• Service disruption and further compromise of the environment.
• CVSS score: 8.8 (High).

Affected / Fixed Versions

• On-Premises affected versions: 2025.4 and earlier.
• Cloud affected versions: 2026.1 and earlier.
• On-Premises fixed versions: 2025.4 Patch 1, 2025.3 Patch 1, 2025.2 Patch 1.
• Cloud fixed versions: 2026.1 Patch 9, 2026.2 Patch 1.
• Cloud environments receive automatic updates; no user action needed.

Recommendations

• Update to the fixed or latest versions released by Ivanti promptly.

Reference

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US

12. Critical Remote Code Execution Vulnerabilities in Samba Suite

Overview

• Two critical vulnerabilities disclosed in Samba affecting enterprise file and print-sharing infrastructure.
• CVE-2026-4480: Remote, unauthenticated RCE via Samba printing subsystem due to improper sanitization of the %J substitution parameter in print commands.
• CVE-2026-4408: Authentication bypass and privilege escalation vulnerability.

Impact

• CVE-2026-4480 (CVSS 10.0): Allows unauthenticated attackers to execute arbitrary code remotely via the print command when misconfigured with the %J parameter.
• CVE-2026-4408 (CVSS 10.0): Enables attackers to bypass authentication and escalate privileges.

Affected / Fixed Versions

• Affected: Samba versions prior to 4.22.10, 4.23.8, and 4.24.3.
• Fixed: Versions 4.22.10, 4.23.8, and 4.24.3 or later.

Recommendations

• Upgrade all Samba deployments to the fixed versions immediately.
• Apply vendor security advisories without delay.
• Review print subsystem configurations to avoid use of vulnerable parameters.

Reference

https://www.samba.org/samba/security/CVE-2026-4480.html

https://www.samba.org/samba/security/CVE-2026-4408.html

13. Security Updates – Google Chrome

Overview

• Google released a Chrome Stable Channel update for Windows, Mac, and Linux addressing 151 security vulnerabilities, including 22 critical flaws.
• Affected components include GPU, Network, WebGL, ANGLE, Dawn, Bluetooth, Browser, Extensions, WebView, XR, Proxy, Skia, and Base.

Impact

• Critical vulnerabilities involve out-of-bounds write/read, use-after-free, integer overflow, and insufficient input validation.
• Potential impacts include memory corruption, information disclosure, sandbox escape, code execution, browser/process compromise, and privilege escalation.

Affected / Fixed Versions

• Fixed in Chrome versions 148.0.7778.216/217 for Windows
• Fixed in Chrome versions 148.0.7778.215/216 for Mac
• Fixed in Chrome version 148.0.7778.215 for Linux

Recommendations

• Update Google Chrome to the latest stable version immediately.
• Enable automatic browser updates in enterprise environments to ensure timely patching.

Reference

https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html

14. High-Severity Vulnerability in NVIDIA Merlin Transformers4Rec

Overview

• A high-severity vulnerability (CVE-2026-24162) has been identified in NVIDIA Merlin Transformers4Rec for Linux.
• The issue arises from improper deserialization of untrusted data in the software.

Impact

• Exploitation can lead to arbitrary code execution, unauthorized data modification, and sensitive information disclosure.
• CVSS v3.1 score: 7.8 (High).

Affected / Fixed Versions

• Affected versions: All commits on the main branch prior to March 11, 2026.
• Fixed versions: Any commit on the main branch released after March 11, 2026.

Recommendations

• Update affected installations to the fixed or latest versions released after March 11, 2026.
• Share information and findings related to this vulnerability within relevant teams and partners.

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5838

15. Security Updates – Oracle

Overview

• Oracle released the May 2026 Critical Security Patch Update (CSPU) addressing multiple vulnerabilities across various products including Database Server, REST Data Services, Communications Unified Assurance, E-Business Suite, and Hospitality.
• Several vulnerabilities are remotely exploitable without authentication, allowing potential full system compromise.

Impact

• CVE-2026-46840 (CVSS 10.0): Critical remote unauthenticated exploit in Oracle REST Data Services Backend-as-a-Service permitting full system compromise over HTTPS.
• CVE-2026-46775, CVE-2026-46839 (CVSS 9.9): Critical vulnerabilities in Oracle REST Data Services Core, enabling low-privileged attackers to compromise environments.
• CVE-2026-46833 (CVSS 9.0): Remotely exploitable vulnerability in Oracle Database Server Net Services affecting confidentiality, integrity, and availability.
• CVE-2026-46817, CVE-2026-34311 (CVSS 9.8): Remote unauthenticated vulnerabilities in Oracle Payments and Oracle Hospitality OPERA 5 Property Services.
• Additional High to Critical severity issues (CVSS 4.5-10.0) across Communications Unified Assurance, E-Business Suite, payroll, financial modules, middleware, and third-party dependencies.

Affected / Fixed Versions

• Detailed affected and fixed versions are available in the official Oracle CSPU advisory.

Recommendations

• Apply the May 2026 Oracle Critical Patch Update promptly to mitigate the identified vulnerabilities.
• Monitor Oracle advisories for further details on patches and mitigation guidance.

Reference

https://www.oracle.com/security-alerts/cspumay2026.html

16. High-Severity Vulnerability in F5 BIG-IP Access Policy Manager (APM)

Overview

• A buffer handling vulnerability (CWE-120) exists in BIG-IP APM when an access policy is configured on a virtual server.
• Specially crafted network traffic can cause the apmd process to terminate unexpectedly.
• Exploitable remotely without authentication, leading to denial-of-service (DoS).

Impact

• Termination of the apmd process results in temporary traffic disruption and service interruption.

Affected / Fixed Versions

• Affected:
•   21.x Branch: 21.0.0
•   17.5.x Branch: 17.5.0 – 17.5.1
•   17.1.x Branch: 17.1.0 – 17.1.3
•   16.x Branch: 16.1.0 – 16.1.6 (no fix available)
• Fixed:
•   21.x Branch: Upgrade to 21.0.0.1 or later
•   17.5.x Branch: Upgrade to 17.5.1.4 or later
•   17.1.x Branch: Upgrade to 17.1.3.1 or later
•   16.x Branch: No vendor fix; upgrade to a supported branch with available fixes.

Recommendations

• Upgrade affected BIG-IP APM versions to the fixed releases as soon as possible.
• For 16.x branch users, migrate to a supported branch with a security fix.
• Monitor network traffic and system stability for signs of attempted exploitation.

Reference

https://my.f5.com/manage/s/article/K000161056

17. Active Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)

Overview

• High-severity authentication bypass vulnerability affecting PAN-OS GlobalProtect portal and gateway components.
• Allows attackers to bypass authentication and establish unauthorized VPN connections using improperly validated authentication override cookies under specific certificate conditions.
• Exploitation attempts have been confirmed in the wild targeting unpatched devices.
• CVSS score: 7.8 (High).

Impact

• Unauthorized VPN access, potentially granting attackers network access without valid credentials.
• Could lead to compromise of internal resources accessible through the VPN.

Affected / Fixed Versions

• PAN-OS 12.1: Versions earlier than 12.1.4-h6 and 12.1.7 are vulnerable; fixed in 12.1.7 and 12.1.4-h6.
• PAN-OS 11.2: Versions earlier than 11.2.4-h17, 11.2.7-h14, 11.2.10-h7, and 11.2.12 are vulnerable; fixed in 11.2.12 and corresponding interim updates.
• PAN-OS 11.1: Versions earlier than 11.1.4-h33, 11.1.6-h32, 11.1.7-h6, 11.1.10-h25, 11.1.13-h5, and 11.1.15 are vulnerable.
• PAN-OS 10.2: Versions earlier than 10.2.7-h34, 10.2.10-h36, 10.2.13-h21, 10.2.16-h7, and 10.2.18-h6.
• Prisma Access 11.2.0: Versions earlier than 11.2.7-h13 are vulnerable.
• Prisma Access 10.2.0: Versions earlier than 10.2.10-h36 are vulnerable.

Recommendations

• Upgrade to fixed versions as listed above without delay.
• Configure a dedicated certificate solely for Authentication Override cookies and avoid reuse of certificates.
• Disable Authentication Override by turning off cookie generation and acceptance in GlobalProtect portal and gateway settings.
• Audit GlobalProtect configurations to identify and remediate use of authentication override cookies.
• Prioritize patching for internet-facing GlobalProtect deployments.
• Monitor VPN authentication logs for anomalous or unauthorized access.
• Review certificate management and isolate certificates used for authentication override.
• Migrate unsupported PAN-OS versions to supported fixed releases.
• Note that users must re-authenticate after patching due to regeneration of authentication override cookies with strengthened security.

Reference

https://security.paloaltonetworks.com/CVE-2026-0257

18. Cisco SD-WAN Vulnerability Exploited in the Wild to Execute Arbitrary Commands as Root User

Overview

• Cisco Catalyst SD-WAN Manager contains a high-severity vulnerability (CVE-2026-20245) with a CVSS score of 7.8.
• Root cause is improper input validation in the command-line interface, allowing command injection via specially crafted uploaded files.
• The flaw requires netadmin-level authentication; attackers can escalate privileges to root and fully compromise the management plane.
• Vulnerability is actively exploited in limited attacks to push unauthorized configurations to SD-WAN edge devices.

Impact

• Full control over SD-WAN management plane and connected edge devices.
• Potential persistence, lateral movement, and traffic manipulation within enterprise networks.
• Higher risk for internet-exposed management interfaces.

Affected / Fixed Versions

• All Cisco Catalyst SD-WAN Manager deployments are affected including on-premises, Cisco SD-WAN Cloud, Cloud-Pro, and government (FedRAMP) versions.
• No specific patch released yet for CVE-2026-20245; users are advised to upgrade to software referenced in Cisco’s May 2026 advisory as a partial mitigation.

Recommendations

• Restrict netadmin-level access and strengthen access controls.
• Monitor and analyze scripts.log for suspicious entries related to command execution, though be aware of possible false positives.
• Collect forensic data using the “request admin-tech” command before applying upgrades to preserve evidence.
• Review device configurations and logs post-upgrade; engage Cisco TAC for remediation if indicators of compromise are found.
• Prioritize monitoring and incident response while awaiting a dedicated patch.

Reference

https://cybersecuritynews.com/cisco-sd-wan-vulnerability-exploit/

19. Microsoft Edge Vulnerabilities Including Critical Remote Code Execution Flaw

Overview

• Microsoft released security updates addressing multiple vulnerabilities in Microsoft Edge reported by Orange Tsai of DEVCORE.
• The most critical flaw, tracked as CVE-2026-45495 (CVSS 7.5), involves improper validation of user-supplied file paths during feedback log handling, enabling remote attackers to execute arbitrary code.
• Exploitation requires user interaction such as visiting a malicious webpage or opening a crafted file.
• Additional addressed flaws include CVE-2026-45494 (CVSS 5.0), a navigation-handling weakness enabling cross-origin script injection, and CVE-2026-45492 (CVSS 4.3), insufficient origin validation in cross-device managed sign-in.

Impact

• Successful exploitation of CVE-2026-45495 allows code execution in the context of the logged-in user, potentially leading to data theft, browser profile compromise, local persistence, or lateral movement.
• Other flaws can expose restricted functions or enable script injection attacks.

Recommendations

• Update Microsoft Edge to the latest stable version via Microsoft Update or the About page immediately.
• Apply any prompted operating system patches.
• Block or scrutinize untrusted email attachments and links.
• Use least-privilege accounts for routine activities to constrain potential exploit impact.
• Monitor endpoints for unusual file operations or persistence related to browser processes.

Reference

https://cybersecuritynews.com/microsoft-edge-vulnerability-code-execution/

20. Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

Overview

• Microsoft AI Red Team updated its 2025 taxonomy of failure modes in agentic AI systems based on 12 months of red team engagements.
• Added seven new failure modes addressing emerging threats from the rapid adoption of open-source agentic frameworks and MCP ecosystems.
• Red teaming revealed high frequency of human-in-the-loop (HitL) bypass, cross-domain prompt injection, memory poisoning, session context contamination, and capability disclosure as key attack vectors.

Impact

• New failure modes include agentic supply chain compromise, goal hijacking, inter-agent trust escalation, computer use agent visual attacks, session context contamination, MCP/plugin abuse, and capability/architecture disclosure.
• Attackers can remotely execute code, exfiltrate data, manipulate agent goals, bypass safety controls, and escalate privileges through novel natural language and graphical interface techniques.
• Real-world attacks demonstrated zero-click end-to-end compromise chains and difficulty detecting incremental session contamination attacks.

Recommendations

• Treat all agentic system dependencies as part of the software supply chain; implement SBOM generation, signature/provenance verification, and registry scanning for malicious instructions.
• Adopt zero-trust principles for inter-agent communication with cryptographic identity verification and deny privilege elevation from self-asserted roles.
• Harden consent and HitL approval mechanisms by decomposing compound actions, preventing description laundering, scaling approval by risk, and enforcing deterministic HitL invocation.
• Monitor session behavior comprehensively to detect incremental escalation and contamination.

Reference

https://www.microsoft.com/en-us/security/blog/2026/06/04/updating-taxonomy-failure-modes-agentic-ai-systems-year-red-teaming-taught-us/

21. Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Overview

• A use-after-free vulnerability in Redis blocking-client code allows authenticated users to execute arbitrary OS commands on the host.
• The flaw was discovered by an autonomous AI bug-hunting tool.
• Introduced in Redis 7.2.0, it remained unpatched in all stable branches for over two years.

Impact

• Remote code execution with OS-level privileges via authenticated access.

Affected / Fixed Versions

• Affected: Redis version 7.2.0 and all subsequent stable releases until May 5, 2026.
• Fixed in Redis patches released on May 5, 2026.

Recommendations

• Upgrade Redis to the latest patched version released after May 5, 2026.
• Restrict access to authenticated Redis clients and monitor for suspicious activity.

Reference

https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html

22. Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

Overview

• A newly disclosed unpatched vulnerability exists in the Windows Search URI handler, similar to the earlier CVE-2026-33829 affecting the Windows Snipping Tool’s URI handler.
• The issue enables attackers to steal NTLMv2 hashes by exploiting how the search: URI scheme is processed.

Impact

• Attackers can remotely capture and steal NTLMv2 authentication hashes.
• Stolen hashes can be used to perform offline brute-force attacks or pass-the-hash attacks to escalate privileges on affected systems.

Affected / Fixed Versions

• Affects Windows systems implementing the search: URI handler.
• No patch or mitigation released at this time.

Recommendations

• Limit exposure by disabling the search: URI handler if feasible.
• Monitor for unusual network authentication attempts and implement strong password policies.
• Apply defense-in-depth measures to mitigate lateral movement if hashes are compromised.

Reference

https://thehackernews.com/2026/06/unpatched-windows-search-uri.html