SharePoint RCE CVE-2026-45659: Active Exploits

SharePoint RCE CVE-2026-45659

SharePoint RCE CVE-2026-45659 is now under active exploitation, and the federal patch deadline set by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is July 4 — tomorrow. The CVSS 8.8 deserialization flaw lets any authenticated user with nothing more than baseline Site Member permissions run code remotely on the server. Shadowserver currently counts more…

Read More

SimpleHelp CVE-2026-48558 RMM Bypass Exploited

SimpleHelp CVE-2026-48558

A critical SimpleHelp CVE-2026-48558 authentication bypass is letting attackers forge a login token and seize a fully authenticated technician session in the remote monitoring and management (RMM) software thousands of managed service providers use to run client networks. CISA added the flaw to its Known Exploited Vulnerabilities catalog on June 29, and researchers have already…

Read More

PTC Windchill RCE CVE-2026-12569: Web Shells Actively Deployed

The PTC Windchill RCE CVE-2026-12569 (CVSS 9.3) is actively exploited — and this is the second attack wave targeting the same product in three months. Attackers are deploying persistent JSP web shells inside Windchill PDMLink and FlexPLM installations right now. CISA added the flaw to its Known Exploited Vulnerabilities catalog on June 25, 2026; the…

Read More

Three CVSS 10.0 Vulnerabilities in Ubiquiti UniFi OS — Zero Auth, Full Network Control

Three CVSS 10.0 vulnerabilities in Ubiquiti UniFi OS. One exploit chain. Full network control. Zero authentication required. If you use UniFi in your office — and most DACH SMBs do — this is your highest-priority patch this week. CISA added three Ubiquiti vulnerabilities to its Known Exploited Vulnerabilities catalog on June 23, confirming active exploitation…

Read More