Skip to content
Auto-CTI

What has changed?

Comparing 3 June 2026 with the previous day 2 June 2026.

Newly added

17
NEW
94

CVE-2022-49042

The vulnerability allows local users to execute arbitrary code on backup management systems, compromising the integrity of backup infrastructure.

Critical CVSS 7.8 EPSS 0%
NEW C3
70

Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover

A debugging error in Microsoft 365 Android apps (Excel, Word, PowerPoint, OneNote, Loop, Copilot) disabled a critical security setting for token protection validation in production releases, allowing attackers to steal authentication tokens and take over accounts.

Critical
NEW
52

CVE-2024-47273

A path-traversal vulnerability in Synology Hyper Backup before version 4.1.2-4036 allows authenticated users to write arbitrary files and potentially compromise the integrity of backup systems.

Medium CVSS 4.3 EPSS 0%
NEW
50

CVE-2024-47263

Path-traversal vulnerability in Hyper Backup allows authenticated administrators to write non-sensitive files via unspecified vectors , requires admin privileges and is already fixed in version 4.1.2-4036.

Medium CVSS 4.1 EPSS 0%
NEW A3
20

CVE-2026-42840

An authenticated user can inject persistent JavaScript into a customer record and compromise every POS operator in the organization who retrieves that record.

High EPSS 0%
NEW C3
20

Attackers Use AI to Automate EDR Evasion Testing

Attackers are using AI-driven automation to systematically test and refine evasion techniques against EDR solutions , signaling a professionalization of attack preparation workflows.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

9
NEW
20

Red Hat Infostealer Reaches Over 100,000 Downloads

An npm-based infostealer with over 100,000 downloads demonstrates active supply-chain risk through manipulated open-source packages that exfiltrate credentials and environment data from developers.

High
ESC