Skip to content
Auto-CTI

What has changed?

Comparing 26 June 2026 with the previous day 19 June 2026.

Newly added

25
KEV B1
62

The April 2026 Security Update Review

Monthly patch roundup focused on Adobe and Microsoft; particular priority given to an active Reader exploit and multiple elevation-of-privilege vulnerabilities in Windows components and SQL Server.

Medium CVSS 6.5 EPSS 64%
KEV NEW C1
55

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

First documented exploitation of CVE-2026-12569 in Windchill demonstrates that threat actors are operationalizing PTC products as targets immediately after patches became available,German authorities have also previously warned about this vulnerability and a related CVE-2026-4681.

Medium EPSS 1%
NEW B2
51

The May 2026 Security Update Review

May release covers 52 Adobe CVEs and numerous Microsoft patches with Adobe Commerce and Connect highest priority; no active wild exploitations reported.

Medium CVSS 8.1 EPSS 72%
NEW A3
20

CVE-2026-57535

HTML content in PDF rendering contexts can leak information about the rendering server via <img> tags with remote URLs or be exploited as an SSRF vector in the local network.

High EPSS 0%
A3
20

Microsoft Edge: Multiple Vulnerabilities

BSI warns of multiple critical vulnerabilities in Microsoft Edge enabling remote code execution and security bypass; specific CVE numbers not provided.

High
NEW A3
20

Bitwarden: Multiple Vulnerabilities

Authenticated attackers can exploit multiple vulnerabilities to manipulate critical password and management data or disclose sensitive information.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

10
NEW Russian ransomware group (identity not specifically disclosed in source) C3
46

An update on FortiBleed , what's happening with victim orgs

FortiBleed campaign demonstrates active exploitation of Fortinet devices by eCrime and Russian ransomware groups for lateral movement into Active Directory environments via MSP and telecom providers.

Critical
ESC