CVE Vulnerability Alerts

Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
CVE-2026-3102 in ExifTool's SetMacOSTags lets a crafted image execute shell commands on macOS; the flaw is patched in ExifTool 13.50 after Kaspersky disclosure.
Application Security
CVE-2026-46376: FreePBX Hard-Coded Credentials Open VoIP Portals
CVE-2026-46376 in FreePBX hardcodes setup credentials in the User Control Panel, letting unauthenticated attackers access phone systems and commit toll fraud.
CVE Vulnerability Alerts
CVE-2026-46333: Linux Kernel Flaw Grants Root via ssh-keysign
Qualys disclosed CVE-2026-46333, a nine-year-old Linux privilege escalation flaw that gives local users a reliable path to root on Debian, Fedora, and Ubuntu.
CVE Vulnerability Alerts
CISA Adds Two Exploited Microsoft Defender Zero-Days to KEV
Microsoft Defender is actively being exploited via two zero-days, CVE-2026-41091 and CVE-2026-45498, which CISA added to its KEV catalog on May 20, 2026.
CVE Vulnerability Alerts
SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
SonicWall's patch for CVE-2024-12802 needed a manual LDAP reconfiguration most admins skipped, leaving Gen6 VPN open to MFA bypass and ransomware access.
CVE Vulnerability Alerts
CVE-2026-45585: Windows Zero-Day Bypasses BitLocker
Microsoft disclosed CVE-2026-45585, a Windows zero-day that allows attackers with physical access to bypass BitLocker encryption without the decryption key.
Application Security
CVE-2026-45829: Max-Severity Flaw Lets Attackers Hijack ChromaDB
CVE-2026-45829 is a maximum-severity pre-auth flaw in ChromaDB allowing server hijacking; about 73% of internet-exposed instances run a vulnerable version.
Application Security
Drupal Issues Highly Critical Patch, Exploits Expected Within Hours
Drupal warned a highly critical vulnerability in versions 11.3.x through 10.5.x could be exploited within hours of its May 20, 2026 patch release date.
CVE Vulnerability Alerts
SEPPMail Gateway Hit with 7 CVEs, Including CVSS 10.0 RCE Flaw
Seven vulnerabilities in SEPPMail Secure E-Mail Gateway, including a CVSS 10.0 pre-auth RCE, could let attackers intercept all protected mail traffic.
CVE Vulnerability Alerts
CISA Orders Patch for Sixth Cisco SD-WAN Zero-Day of 2026
Cisco confirmed active exploitation of CVE-2026-20182, a CVSS 10.0 authentication bypass in SD-WAN, as CISA gave federal agencies three days to patch.