Skip to content
Auto-CTI

What has changed?

Comparing 26 June 2026 with the previous day 25 June 2026.

Newly added

25
KEV B1
62

The April 2026 Security Update Review

Monthly patch roundup focused on Adobe and Microsoft; particular priority given to an active Reader exploit and multiple elevation-of-privilege vulnerabilities in Windows components and SQL Server.

Medium CVSS 6.5 EPSS 64%
KEV NEW C1
55

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

First documented exploitation of CVE-2026-12569 in Windchill demonstrates that threat actors are operationalizing PTC products as targets immediately after patches became available,German authorities have also previously warned about this vulnerability and a related CVE-2026-4681.

Medium EPSS 1%
NEW B2
51

The May 2026 Security Update Review

May release covers 52 Adobe CVEs and numerous Microsoft patches with Adobe Commerce and Connect highest priority; no active wild exploitations reported.

Medium CVSS 8.1 EPSS 72%
NEW A3
20

CVE-2026-57535

HTML content in PDF rendering contexts can leak information about the rendering server via <img> tags with remote URLs or be exploited as an SSRF vector in the local network.

High EPSS 0%
A3
20

Microsoft Edge: Multiple Vulnerabilities

BSI warns of multiple critical vulnerabilities in Microsoft Edge enabling remote code execution and security bypass; specific CVE numbers not provided.

High
NEW A3
20

Bitwarden: Multiple Vulnerabilities

Authenticated attackers can exploit multiple vulnerabilities to manipulate critical password and management data or disclose sensitive information.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

16
KEV NEW C1
100

Cisco SD-WAN Zero-Day Exploited Months Before Patching

A Cisco SD-WAN zero-day was actively exploited for months prior to disclosure, with evidence of file deletion and system configuration restoration by the attacker to evade detection.

Critical CVSS 7.8 EPSS 10%
NEW Russia A3
90

«Security Switzerland 2026»: No All-Clear for Switzerland

The official Swiss security report 2026 designates Russia as Europe's greatest threat with aggressive hybrid warfare directly targeting Switzerland in cyberspace, critical infrastructure, and espionage , a strategic signal for Swiss manufacturing SMEs.

Critical
NEW C3
80

Europe Evolves Into Ransomware's Favorite Region

After a global lull in 2024,2025, ransomware gangs have actively refocused on Europe and are deliberately targeting EU organizations and their supply chains,a strategic risk for Swiss and European manufacturing enterprises.

Critical
NEW A3
20

CVE-2026-53153

Race-condition vulnerability in Linux kernel memory management with potential for memory corruption under concurrent access to memcg lists.

High EPSS 0%
NEW B3
20

Introduction to COM usage by Windows threats

Cisco Talos documents systematically how malware exploits COM interfaces for lateral movement, persistence, and evasion , a fundamental defensive competency for Windows-heavy infrastructure defenders.

High
NEW A3
20

[UPDATE] Adobe Acrobat DC: Multiple Vulnerabilities

The BSI has issued a security advisory on multiple vulnerabilities in Adobe Acrobat DC and Adobe Acrobat Reader DC enabling remote code execution and privilege escalation, though specific CVE identifiers are not named in this notice.

High
NEW C3
17

Update Chrome to patch critical browser security flaws

Chrome 149.0.7827.196/197 patches 18 vulnerabilities including four critical flaws; no indication of active in-the-wild exploitation yet, but Chrome zero-days have been exploited multiple times this year.

High
ESC