Skip to content
Auto-CTI

What has changed?

Comparing 23 June 2026 with the previous day 22 June 2026.

Newly added

18
KEV NEW B1
71

CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.

The vulnerability is actively exploited and demonstrates a typical gap between patch availability and user configuration; exploitation waves in July-August 2025 indicate ransomware campaigns (including Akira) combining a firewall vulnerability with weak configuration practices.

High CVSS 9.8 EPSS 16%
KEV Russian state-sponsored actors C1
70

Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs

Russian threat actors are actively exploiting a known WinRAR vulnerability (patched in July) for targeted cyberespionage against Ukrainian military and government targets, signaling sustained cyber-warfare in the region.

High CVSS 8.8 EPSS 81%
NEW Russian Initial-Access Broker (IAB) C3
80

Russian Initial Access Broker Behind FortiBleed Campaign

A Russian initial-access broker is running the FortiBleed campaign to harvest credentials at scale (110+ million since February 2026) via network sniffers and may sell acquired access to state-sponsored groups or ransomware gangs.

Critical
NEW A2
71

CVE-2020-9695

This CVE originates from 2020 and has been extensively patched; active exploitations in the wild are unlikely if patches have been applied.

High CVSS 7.8 EPSS 0%
NEW A2
58

CVE-2026-54515

Vulnerability allows bypass of @JsonIgnoreProperties filters by exploiting case-insensitivity processing in jackson-databind, making supposedly ignored properties writable again.

Medium CVSS 5.3 EPSS 0%
NEW A2
50

CVE-2020-9711

This 2020 CVE is long patched and remains relevant only if outdated Acrobat versions are still in productive use in the organisation; no current threat.

Medium CVSS 5.5 EPSS 0%
NEW A2
50

CVE-2020-9713

This is a 2020 vulnerability with no evidence of active exploitation or coordinated attack campaigns in the wild.

Medium CVSS 5.5 EPSS 0%
A3
20

[UPDATE] systemd: Multiple Vulnerabilities

BSI advisory without explicit CVE numbers suggests coordinated disclosure or not-yet-fully-disclosed vulnerabilities; priority depends on CVE details and patch availability.

High
NEW A3
0

Siemens WinCC Certificate Manager

Siemens WinCC Certificate Manager has a vulnerability that may allow attackers to bypass authentication mechanisms or accept invalid certificates.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

8
ESC