Skip to content
Auto-CTI

What has changed?

Comparing 22 May 2026 with the previous day 21 May 2026.

Newly added

47
NEW
92

CVE-2026-33000

A privilege-escalation vulnerability in UniFi OS enables remote command execution for attackers with network access, directly compromising the central network-management infrastructure.

Critical CVSS 9.1 EPSS 0%
NEW
92

CVE-2026-34908

An access control vulnerability in UniFi OS allows network-adjacent attackers to make unauthorized system changes without requiring authentication.

Critical CVSS 10.0 EPSS 0%
NEW
92

CVE-2026-34909

Network access alone is sufficient to exploit a path-traversal vulnerability in UniFi devices for file manipulation and account compromise, without requiring authentication.

Critical CVSS 10.0 EPSS 0%
NEW
92

CVE-2026-34910

The vulnerability enables direct command execution on UniFi devices through network access by exploiting improper input validation, requiring immediate patch prioritization in Joel Traber AG's infrastructure.

Critical CVSS 10.0 EPSS 0%
NEW
51

Ubiquiti UniFi OS Server: Multiple Vulnerabilities

BSI warns of multiple production-in-use vulnerabilities in UniFi OS Server with direct RCE potential; absence of CVE numbers suggests possible zero-days or coordinated disclosure.

Critical
NEW
20

[UPDATE] Linux Kernel: Multiple Vulnerabilities

The advisory lacks specificity regarding affected kernel versions and CVE identifiers; further details are required to assess exploitation status and patching priority for Ubuntu 24.04 LTS.

High
20

[UPDATE] Linux Kernel: Multiple Vulnerabilities

BSI advisory on multiple Linux kernel vulnerabilities without specific CVE disclosure or PoC status; concrete patch status and affected versions must be obtained from the full BSI report.

High
20

Adobe Acrobat DC: Multiple Vulnerabilities

The BSI alert on multiple RCE and privilege escalation vulnerabilities in Adobe Acrobat DC/Reader DC requires immediate patching action for all affected systems in the company.

High
NEW
12

CVE-2026-39832

OpenSSH-based remote access scenarios at Joel Traber AG may be affected by a vulnerability that bypasses key access restrictions and permits unrestricted use of forwarded keys on remote hosts.

High EPSS 0%
0

Microsoft Edge: Multiple Vulnerabilities

The BSI warns of multiple unspecified vulnerabilities in Microsoft Edge enabling information disclosure and manipulation; user interaction is required for exploitation.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

11
NEW
20

Google Chrome: Mehrere Schwachstellen

Generic BSI advisory without specific CVE identifiers, affected versions, or exploitation status; describes multiple undefined vulnerabilities without documenting active campaigns or current exploitation.

Low
NEW
0

CVE-2026-43501

A kernel bug in IPv6 RPL processing can cause memory corruption, affecting Ubuntu 24.04 LTS.

Low EPSS 0%
ESC