Skip to content
Auto-CTI

What has changed?

Comparing 20 June 2026 with the previous day 19 June 2026.

Newly added

57
NEW A2
100

CVE-2026-54130

An authentication bypass in M365 Copilot permits unauthorized access to sensitive information over the network without legitimate credentials.

Critical CVSS 9.8 EPSS 0%
NEW A2
100

CVE-2026-45480

An authentication flaw in Azure AD enables remote privilege escalation; this affects organizations relying on Microsoft Entra ID for identity management, especially in distributed access scenarios (RDP, VPN, cloud services).

Critical CVSS 10.0 EPSS 0%
NEW A2
90

CVE-2026-48582

An authentication gap in Microsoft Exchange Online allows authorized attackers to escalate privileges over the network, with no prior disclosure or active exploitation reported.

Critical CVSS 9.6 EPSS 0%
NEW A2
87

CVE-2026-42488

A memory corruption vulnerability in Xen shadow paging can lead to mapcache inconsistencies when vCPU references are not updated after page-table switches.

Critical CVSS 8.1 EPSS 0%
Screening Serpens B3
85

Tracking Iranian APT Screening Serpens' 2026 Espionage Campaigns

Iranian APT Screening Serpens deploys updated MiniJunk V2 malware with advanced defense evasion techniques (.NET AppDomainManager) for espionage against European targets, signaling elevated activity against EU/DACH infrastructure.

Critical
B3
75

25th May , Threat Intelligence Report

Two actively exploited Windows Defender flaws (privilege escalation and denial of service) are being weaponized in the wild, coinciding with a documented 124% surge in hacktivism and ransomware targeting DACH organizations in 2025.

Critical
NEW A2
50

CVE-2026-1288

A NULL pointer dereference in Revit's RFA-to-FormIt conversion can cause application crashes, but impacts only availability, not data integrity or code execution.

Medium CVSS 5.5 EPSS 0%
NEW A3
20

Adobe Creative Cloud Applications: Multiple Vulnerabilities

The BSI warns of multiple unspecified vulnerabilities in Adobe Creative Cloud without naming individual CVEs or version numbers; this indicates an aggregated security notice but requires cross-reference with Adobe security bulletins for specific affected versions.

High
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities with varying impacts (DoS, information disclosure); specific CVE numbers and CVSS scores are required for prioritization.

High
A3
20

7-Zip: Vulnerability Enables Code Execution

A code-execution vulnerability in 7-Zip affecting NTFS archive processing requires user interaction for exploitation; this poses a risk to systems where 7-Zip is deployed for file management.

High
NEW B3
15

Threat Brief: Mitigating Large-Scale Credential Attacks

Unit 42 documents an active large-scale campaign using password spraying attacks against Fortinet, Sophos, and MSSQL services for initial access; threat actors extract configurations and target authentication mechanisms.

High
A3
0

Microsoft Patchday April 2026

Routine BSI patch advisory without specific CVE details or active exploitation; requires standard patch process.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

10
NEW Russian ransomware group (identity not specifically disclosed in source) C3
46

An update on FortiBleed , what's happening with victim orgs

FortiBleed campaign demonstrates active exploitation of Fortinet devices by eCrime and Russian ransomware groups for lateral movement into Active Directory environments via MSP and telecom providers.

Critical
ESC