All CosmicBytez Labs articles tagged #Patch Now, across news, security advisories, how-to guides, and projects.
CISA added two critical Fortinet FortiSandbox OS command injection vulnerabilities to its KEV catalog and gave federal agencies just three days to patch, as active exploitation continues against the security appliance platform.
Progress Software has confirmed a high-severity path traversal zero-day vulnerability in ShareFile Storage Zone Controller triggered the emergency shutdown order issued to on-premises customers on July 10, 2026. Emergency patches (versions 5.12.5 and 6.0.2) were released July 14, restoring customer access. All 5.x and 6.x versions are affected; cloud-only ShareFile accounts are not impacted.
SonicWall has issued an urgent advisory warning that two vulnerabilities in its SMA 1000 series secure remote access appliances are being actively exploited in chained zero-day attacks. CVE-2026-15409 (SSRF, CVSS 10.0) and CVE-2026-15410 (OS command injection) are combined to achieve full remote compromise. Patches are available; CISA has set a July 17 federal deadline.
CISA has added a high-severity Microsoft SharePoint Server remote code execution vulnerability to its Known Exploited Vulnerabilities catalog following...
Drupal has released emergency security updates for CVE-2026-9082, a highly critical vulnerability in Drupal Core that allows remote code execution,...
A critical vulnerability in certain configurations of the Exim open-source mail transfer agent allows unauthenticated remote attackers to execute...
Exim has released security updates to patch a severe vulnerability affecting GnuTLS-compiled builds of the world's most widely deployed mail transfer...
Fortinet has released emergency security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to...
CISA has added a high-severity Apache ActiveMQ vulnerability to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the...
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity...
Hackers are actively exploiting a critical memory overread vulnerability tracked as CVE-2026-3055 in Citrix NetScaler ADC and NetScaler Gateway appliances...
Threat intelligence firm Defused confirms active in-the-wild exploitation of a critical vulnerability in Fortinet's FortiClient EMS platform....