
UniFi CVSS 10 Command Injection — CVE-2026-50746
CVE-2026-50746 UniFi OS CVSS 10 command injection, CVE-2026-50656 Defender RoguePlanet exploit, UAT-7810 LONGLEASH ORB malware, ColdFusion KEV deadline.
Posts tagged: Cisa-Kev

CVE-2026-50746 UniFi OS CVSS 10 command injection, CVE-2026-50656 Defender RoguePlanet exploit, UAT-7810 LONGLEASH ORB malware, ColdFusion KEV deadline.

CVE-2026-43499 GhostLock grants instant root on Linux since 2011. CVE-2026-48282 ColdFusion CVSS 10 added to KEV. KDDI 12M credential breach confirmed.

Cisco UCM zero-day exploited with public PoC. CVE-2026-45659 SharePoint RCE hits CISA KEV. DHS confirms HSIN breach. JADEPUFFER AI ransomware.

CVE-2026-20245 gave attackers root on Cisco SD-WAN routers for two months pre-patch. Plus CVSS 9.8 Lantronix OT flaw and 27M credentials recovered.

FortiBleed leaks VPN credentials for 73,000 FortiGate devices. F5 patches critical NGINX RCE flaws. Cisco ISE root exploit patched.

144 Mastra AI npm packages compromised via hijacked contributor account. CVE-2026-48907 Joomla JCE CVSS 10.0 actively exploited.

Ivanti Sentry RCE under active exploitation with CISA's new 3-day patch mandate. ShinyHunters hit Oracle PeopleSoft CVE-2026-35273.

Microsoft patches 206 flaws with 3 exploited zero-days including CVE-2026-42897. Ivanti Sentry CVSS 10.0 RCE and Langflow CVE-2026-5027 also exploited.

Microsoft patches 206 flaws including 3 zero-days, then a 4th drops hours later. PAN-OS CVE-2026-0257 exploited. ServiceNow 59-day exposure window.

CVE-2026-50751 Check Point VPN IKEv1 auth bypass exploited by Qilin ransomware. Plus Chrome's fifth zero-day and a UniFi unauthenticated root chain.