Microsoft's Record 206-Patch Tuesday — 3 Exploited Zero-Days
Microsoft patches 206 flaws with 3 exploited zero-days including CVE-2026-42897. Ivanti Sentry CVSS 10.0 RCE and Langflow CVE-2026-5027 also exploited.
Posts tagged: Windows-Zero-Day
Microsoft's Record 206-Flaw Patch Tuesday — 4 Zero-Days
Microsoft patches 206 flaws including 3 zero-days, then a 4th drops hours later. PAN-OS CVE-2026-0257 exploited. ServiceNow 59-day exposure window.
Windows Netlogon RCE CVE-2026-41089 Exploited
CVE-2026-41089 Windows Netlogon RCE exploited in the wild. Oracle WebLogic CVE-2024-21182 active. Red Hat npm supply chain attack hits 32 packages.
CVE-2026-32202 & CVE-2026-41940: Vulnerability Analysis for CySA+ Study
Analyze CVE-2026-32202 (CVSS 4.3) and CVE-2026-41940 (CVSS 10.0) for CySA+ CS0-003: KEV, EPSS, MITRE ATT&CK, and risk-based triage.
NGINX Heap Overflow CVE-2026-42945 Exploited
CVE-2026-42945 NGINX heap overflow exploited 48 hours after disclosure, MiniPlasma Windows kernel zero-day PoC public, ShinyHunters hits 7-Eleven.
CISA Mandates Patch for Windows Shell CVE-2026-32202
CVE-2026-32202 Windows Shell zero-day confirmed exploited, CVE-2026-3854 GitHub RCE exposes private repos, CVE-2026-42208 LiteLLM SQLi hit in 36 hours.