Skip to content
Auto-CTI

What has changed?

Comparing 12 June 2026 with the previous day 11 June 2026.

Newly added

26
KEV B1
62

The April 2026 Security Update Review

Extensive patch collection with 60+ Adobe CVEs and Windows EoP bugs; active exploitation in Reader area requires prioritization, but no nation-state implication identified.

Medium CVSS 6.5 EPSS 53%
NEW A2
100

CVE-2026-48610

The vulnerability allows unauthorized network-based modification of UniFi OS device configurations without authentication.

Critical CVSS 8.1 EPSS 0%
NEW A2
71

CVE-2026-47965

The vulnerability enables remote code execution with user interaction and affects Acrobat Reader versions deployed across many production environments.

High CVSS 7.8 EPSS 0%
NEW A3
20

Google Chrome: Multiple Vulnerabilities

BSI warning for multiple unspecified Chrome vulnerabilities without CVE details; patch availability and exploitation status not mentioned in the source.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

20
NEW C3
70

'GreatXML' Zero-Day Exploit Bypasses BitLocker

The exploit leverages a vulnerability in Microsoft Defender's offline scan functionality to bypass BitLocker and spawn a SYSTEM shell, posing a critical threat to locally accessible Windows systems.

Critical
NEW A3
51

Ubiquiti UniFi OS: Multiple Vulnerabilities

The BSI warning addresses multiple critical vulnerabilities in Ubiquiti UniFi OS without specific CVE identification, suggesting either incomplete disclosure or coordinated vulnerability management.

Critical
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities with high risk potential (RCE, DoS, information disclosure); an official German government warning signals active exploitation or imminent public exploit availability.

High
A3
20

7-Zip: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in 7-Zip with remote code execution potential when processing manipulated archives , relevant immediate threat to desktop end-users.

High
NEW A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities; without specific CVE numbers, this is a generic advisory likely referencing a patch cycle or multiple known flaws.

High
UNC6671 (BlackFile) B3
15

Welcome to BlackFile: Inside a Vishing Extortion Operation

UNC6671 uses social engineering (vishing) combined with Adversary-in-the-Middle (AiTM) and Python/PowerShell to bypass MFA and systematically compromise Microsoft 365 and Okta; the announced shutdown signals possible rebranding rather than permanent cessation.

High
ESC