Skip to content
Auto-CTI

What has changed?

Comparing 27 May 2026 with the previous day 26 May 2026.

Newly added

36
NEW
100

CVE-2025-12686

A remote code execution vulnerability in BeeStation Manager requires attention if the product is deployed, but does not affect standard Synology DSM devices typically used in manufacturing environments.

Critical CVSS 9.8 EPSS 0%
NEW
98

CVE-2025-13392

An authentication bypass in Synology DSM SSO module allows unauthorised access to NAS systems with knowledge of LDAP Distinguished Names, without requiring a password.

Critical CVSS 8.1 EPSS 0%
NEW
97

CVE-2025-41669

The vulnerability allows local users to install unsigned APP packages on PLCnext controllers without integrity verification, leading to root-level code execution,a critical risk for connected industrial automation systems.

Critical CVSS 8.8 EPSS 0%
NEW
80

Disputed Powers: BKA Receives Access to Attacker Infrastructure

Germany's Cabinet has granted the BKA new powers for active cyber defense, including the right to infiltrate and disrupt or destroy foreign IT systems , a measure that carries significant risks to uninvolved third parties, as attackers routinely use compromised systems as springboards.

Critical
NEW
80

Bill on Cybersecurity: Dobrindt Redefines Hackbacks

The German bill explicitly regulates hackbacks and active cyber defense for the first time, defining new legal boundaries and options for cyber countermeasures for German and European companies.

Critical
OceanLotus
75

OceanLotus suspected of using PyPI to deliver ZiChatBot malware

OceanLotus leverages legitimate Python package repositories (PyPI) as a malware distribution channel to compromise developers and organizations with Python dependencies,a sophisticated supply-chain approach with potential DACH implications.

Critical
NEW
59

CVE-2024-47268

The vulnerability allows already-authenticated administrators to obtain sensitive information via undocumented vectors , an insider-risk scenario in surveillance-critical systems.

Medium CVSS 4.9 EPSS 0%
NEW
20

7-Zip: Vulnerability Enables Code Execution

The BSI warns of a critical remote code execution vulnerability in 7-Zip when processing NTFS archives, which requires user interaction but poses significant security implications.

High
NEW
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warning on multiple OpenSSL vulnerabilities without specific CVE references , requires clarification via direct BSI source or CISA cross-reference for concrete patching priorities.

High
20

Google Chrome: Multiple Vulnerabilities

BSI warns of multiple unspecified Chrome vulnerabilities without naming specific CVE IDs or affected versions; the exact risk remains unclear until full disclosure.

High
NEW Akira
20

Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs

Akira intrusion demonstrates typical pattern: initial authentication via SSLVPN, lateral movement exclusively via RDP over two days, Kerberoasting and defense evasion through Event Log deletion,all activity was visible in standard logs but required proactive correlation between firewall and endpoint logs.

High
NEW
0

[UPDATE] Linux Kernel: Multiple Vulnerabilities

BSI warning regarding multiple unspecified Linux kernel vulnerabilities without concrete CVE identifiers complicates risk prioritization for organizations with Ubuntu deployments.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

41
NEW
94

CVE-2026-7451

The vulnerability enables arbitrary code execution through maliciously crafted TIF files in Autodesk 3ds Max, which poses a risk to organizations with design workflows.

Critical CVSS 7.8 EPSS 0%
NEW
81

CVE-2026-48133

A vulnerability in Fortinet's Identity Awareness blade allows unauthenticated users to read internal files on the Security Gateway when browser-based authentication is enabled.

Critical CVSS 7.5 EPSS 0%
NEW Nimbus Manticore
80

Iranian APT Targets Aviation, Software Companies With Updated Tools

Iranian APT Nimbus Manticore continues operations with updated tools targeting critical sectors such as aviation and software,evidence of sustained state-sponsored cyber-warfare with potential implications for European supply chains.

Critical
NEW
51

Microsoft 365 Copilot: Multiple Vulnerabilities

AI assistants with access to enterprise-wide data repositories are attractive targets for state-sponsored actors who could use RCE to gain access to sensitive information or systems.

Critical
NEW
47

CVE-2026-48897

A state-validation vulnerability enables attackers to bypass two-factor authentication, representing a critical risk for all AD/Entra-ID-based systems.

Critical EPSS 0%
NEW
47

CVE-2026-48896

A state-management vulnerability enables bypass of two-factor authentication,potentially a target for nation-state actors to gain initial access.

Critical EPSS 0%
NEW
17

Microsoft Issues Out-of-Band SharePoint Patch

The vulnerability allows non-privileged authenticated users to execute remote code without administrator rights, making SharePoint an exponentially riskier target for insider threats and APTs.

High
ESC