Skip to content
Auto-CTI

What has changed?

Comparing 26 May 2026 with the previous day 25 May 2026.

Newly added

41
NEW
94

CVE-2026-7451

The vulnerability enables arbitrary code execution through maliciously crafted TIF files in Autodesk 3ds Max, which poses a risk to organizations with design workflows.

Critical CVSS 7.8 EPSS 0%
NEW
81

CVE-2026-48133

A vulnerability in Fortinet's Identity Awareness blade allows unauthenticated users to read internal files on the Security Gateway when browser-based authentication is enabled.

Critical CVSS 7.5 EPSS 0%
NEW Nimbus Manticore
80

Iranian APT Targets Aviation, Software Companies With Updated Tools

Iranian APT Nimbus Manticore continues operations with updated tools targeting critical sectors such as aviation and software,evidence of sustained state-sponsored cyber-warfare with potential implications for European supply chains.

Critical
NEW
51

Microsoft 365 Copilot: Multiple Vulnerabilities

AI assistants with access to enterprise-wide data repositories are attractive targets for state-sponsored actors who could use RCE to gain access to sensitive information or systems.

Critical
NEW
47

CVE-2026-48897

A state-validation vulnerability enables attackers to bypass two-factor authentication, representing a critical risk for all AD/Entra-ID-based systems.

Critical EPSS 0%
NEW
47

CVE-2026-48896

A state-management vulnerability enables bypass of two-factor authentication,potentially a target for nation-state actors to gain initial access.

Critical EPSS 0%
NEW
17

Microsoft Issues Out-of-Band SharePoint Patch

The vulnerability allows non-privileged authenticated users to execute remote code without administrator rights, making SharePoint an exponentially riskier target for insider threats and APTs.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

8
NEW Russia (state-sponsored intelligence agencies via Stark Industries Solutions infrastructure)
90

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Dutch authorities dismantled a hosting infrastructure (Stark Industries) used by Russian intelligence for DDoS attacks, influence operations, and disinformation campaigns against EU targets , evidence of enforcement of EU sanctions and ongoing Russian cyber threat to the DACH region.

Critical
NEW
75

25th May , Threat Intelligence Report

Check Point Research documents a 124% surge in hacktivism and ransomware attacks across Germany, Austria, and Switzerland in 2025 , a significant escalation of regional cyber threat to Swiss manufacturing enterprises.

Critical
NEW TeamPCP
58

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24

Active, multi-vector supply-chain campaign targeting the developer ecosystem compromised both open-source repositories and Microsoft-published Python SDKs; GitHub, OpenAI, Grafana, and Mistral AI named as downstream victims.

Critical
NEW TeamPCP
58

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24

TeamPCP compromised three critical supply-chain tiers (VS Code extension, Python SDK, npm packages) in a single week and reached GitHub's internal repositories; downstream victims include OpenAI, Grafana Labs, and Mistral AI.

Critical
ESC