{"vulnerability": "cve-2026-20230", "sightings": [{"uuid": "4746fb81-de25-4866-aebb-56388ebab167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547", "content": "", "creation_timestamp": "2026-06-03T12:22:10.000000Z"}, {"uuid": "e3e69360-49ae-4d61-b7db-d3be7fd7e917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mng7rwuf3i2c", "content": "CVE-2026-20230 - SSRF in Cisco Unified CM & Unified CM SME. Improper HTTP input validation. CVSS 8.6. Unpatched. No workaround available. Monitor for updates. #CVE #Cisco #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-20230/", "creation_timestamp": "2026-06-03T23:03:34.158889Z"}, {"uuid": "6002d201-cbc9-4587-9ccb-3ff2dcd8fb8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mnhan2l7ls2n", "content": "Cisco released patches for CVE-2026-20230 in Unified CM and Unified CM SME, where improper HTTP input validation enables SSRF and potential root escalation.\n", "creation_timestamp": "2026-06-04T08:51:23.804102Z"}, {"uuid": "5e7617eb-cac8-4548-b6ee-275c0488d685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mnhb5genbz23", "content": "Cisco Unified CM & SME face a CRITICAL SSRF flaw (CVE-2026-20230). Only systems with WebDialer enabled are at risk. Patch to 14SU6 ASAP \u2014 PoC is public, no live attacks yet. https://radar.offseq.com/threat/cisco-warns-of-available-poc-for-critical-unified--c947124b #OffSeq #Cisco #SecurityAlert", "creation_timestamp": "2026-06-04T09:00:33.661242Z"}, {"uuid": "2de60f3c-c759-4a27-9ade-b5b5ed15a650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116691018083283672", "content": "\u26a0\ufe0f CRITICAL: Cisco Unified CM/SME hit by SSRF vuln (CVE-2026-20230). Unauthenticated remote attackers can write files & escalate to root if WebDialer is enabled. Patch to 14SU6 ASAP. PoC out, no active exploitation. https://radar.offseq.com/threat/cisco-warns-of-available-poc-for-critical-unified--c947124b #OffSeq #Cisco #SSRF #Vuln", "creation_timestamp": "2026-06-04T09:00:43.736581Z"}, {"uuid": "029b88fa-a1ea-474a-b464-0596bf10c059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1899", "content": "", "creation_timestamp": "2026-06-03T21:00:00.000000Z"}, {"uuid": "74677dba-4642-42c5-8708-e0b18e9c3fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://www.acn.gov.it/portale/w/cisco-cucm-disponibile-poc-per-lo-sfruttamento-di-vulnerabilita", "content": "Disponibile un Proof of Concept (PoC) per la CVE-2026-20230 \u2013 gi\u00e0 sanata dal vendor \u2013 presente in Cisco Unified Communications Manager (CUCM) e Cisco Unified CM Session Management Edition (CUCM SME), note soluzioni Cisco per la gestione delle comunicazioni VoIP aziendali. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato di scrivere file arbitrari sul filesystem dei sistemi interessati", "creation_timestamp": "2026-06-04T07:04:00.000000Z"}, {"uuid": "e66c0d24-d6df-4caf-9398-17f1beb4aa98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnhfdb677x2l", "content": "Cisco patched CVE-2026-20230 in Unified CM and Unified CM SME after PoC code surfaced. The flaw could enable SSRF via crafted HTTP requests and may lead to root access on affected systems. #Cisco #UnifiedCM #CVE202620230", "creation_timestamp": "2026-06-04T10:15:23.706928Z"}, {"uuid": "66b30a01-b4f7-4e6a-b475-cb8737b93c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnhg43zcy32h", "content": "CVE-2026-20230: Critical Cisco Unified CM SSRF Flaw Exposes Enterprises to Root-Level Takeover via Public Exploit Code +\u00a0Video\n\nBreaking Security Reality: A Hidden Door Inside Enterprise Voice Infrastructure A newly disclosed vulnerability in Cisco Unified Communications Manager (Unified CM) has\u2026", "creation_timestamp": "2026-06-04T10:29:17.638797Z"}, {"uuid": "24fbf84e-df9d-4cd2-a351-9f90749b2eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mnhicayvz62k", "content": "CVE-2026-20230: Public PoC for Cisco Unified CM Vulnerability Risks Remote Root Access", "creation_timestamp": "2026-06-04T11:08:31.175249Z"}, {"uuid": "374e14f8-41a3-41cc-855a-d8e791863593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnhpnko23r2d", "content": "\ud83d\udd17 CVE : CVE-2026-20230", "creation_timestamp": "2026-06-04T13:20:06.817392Z"}, {"uuid": "714049c5-130a-46c7-8f2d-b06dd9aa900c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mnhnpk4ruz2r", "content": "Cisco fixed CVE-2026-20230, a critical Unified CM flaw that could let remote attackers gain root via SSRF. Systems with WebDialer enabled are affected. Upgrade to 14SU6 or 15SU5. #Cisco #UnifiedCM #WebDialer", "creation_timestamp": "2026-06-04T12:45:25.997344Z"}, {"uuid": "ca67fac9-7d06-4f9f-9cff-9e4ab49c5895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://gist.github.com/alon710/820db5e55816f217153b6bb6b1bd693c", "content": "# CVE-2026-20230: CVE-2026-20230: Server-Side Request Forgery in Cisco Unified Communications Manager WebDialer Service\n\n> **CVSS Score:** 8.6\n> **Published:** 2026-06-03\n> **Full Report:** https://cvereports.com/reports/CVE-2026-20230\n\n## Summary\nCVE-2026-20230 is a critical Server-Side Request Forgery (SSRF) vulnerability in the WebDialer service of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). The flaw arises from improper validation of input parameters within WebDialer HTTP requests. Unauthenticated remote attackers can exploit this vulnerability to force the application to make HTTP requests to internal administrative services bound to the loopback interface. In the Cisco Voice Operating System (VOS) environment, these local services trust loopback traffic inherently, permitting unauthorized file writes. By writing malicious files to specific system directories, the attacker can execute arbitrary commands with root privileges.\n\n## TL;DR\nImproper input validation in the WebDialer service of Cisco Unified CM enables unauthenticated remote attackers to execute a Server-Side Request Forgery (SSRF). This vulnerability allows attackers to query internal loopback APIs, write malicious files to the filesystem, and escalate privileges to root.\n\n## Technical Details\n\n- **Vulnerability ID**: CVE-2026-20230\n- **CWE ID**: CWE-918\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Score**: 8.6 (Critical Severity Impact Rating)\n- **Exploit Status**: None (No public exploit code or active exploitation detected)\n- **CISA KEV Status**: No\n\n## Affected Systems\n\n- Cisco Unified Communications Manager (Unified CM)\n- Cisco Unified Communications Manager Session Management Edition (Unified CM SME)\n- **Cisco Unified Communications Manager**: All versions where WebDialer is active and unpatched (Fixed in: `Refer to cisco-sa-cucm-ssrf-cXPnHcW`)\n- **Cisco Unified Communications Manager SME**: All versions where WebDialer is active and unpatched (Fixed in: `Refer to cisco-sa-cucm-ssrf-cXPnHcW`)\n\n## Mitigation\n\n- Disable the WebDialer service if it is not actively required for telephony operations.\n- Apply network-level firewall rules to restrict access to Unified CM administrative and application interfaces.\n- Upgrade Cisco Unified CM and Unified CM SME to a supported software version containing the security patch.\n\n**Remediation Steps:**\n1. Log in to the Cisco Unified Serviceability page on the target node.\n2. Go to Tools -> Service Activation and check the status of Cisco WebDialer. If active and unnecessary, deactivate the service.\n3. Download the authorized system update package from the official Cisco Software Download Portal.\n4. Apply the patch or software update during a scheduled maintenance window in accordance with Cisco's deployment guidelines.\n5. Verify that the vulnerability is remediated by checking the software build version against the advisory's fixed releases list.\n\n## References\n\n- [Cisco Unified Communications Manager SSRF Security Advisory](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW)\n- [CVE-2026-20230 on CVE.org](https://www.cve.org/CVERecord?id=CVE-2026-20230)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-20230) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T13:01:07.000000Z"}, {"uuid": "0e6dcd96-31d1-4deb-baa4-8631e856afeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116692107541218445", "content": "Attention, elevated activities detected targeting Cisco Unified Communications Manager (CVE-2026-20230) https://vuldb.com/vuln/368153/cti", "creation_timestamp": "2026-06-04T13:37:37.783646Z"}, {"uuid": "e6484097-7e07-43b5-b0c0-d57b0043d51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mnhqnbo2uh2e", "content": "\ud83d\udcf0 Cisco Rilis Tambalan Darurat untuk Kerentanan Kritis Unified CM, Kode PoC Telah Beredar Publik\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/04/cisco-peringatan-kerentanan-kritis-unified-cm-poc-eksploitasi/\n\n#beritaTeknologi #bugServer #cisco #ciscoUnifiedCm #cve-2026-20230 ", "creation_timestamp": "2026-06-04T13:37:50.586162Z"}, {"uuid": "849aa712-9164-4ae3-85b7-2185a403246f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mni46dedyx2n", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public", "creation_timestamp": "2026-06-04T17:04:15.410940Z"}, {"uuid": "2898d5c2-ed25-4871-8102-e4a6d414f072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mni4sov4ydn2", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public TheHackerNews Cisco patched a Unified CM flaw allowing unauthenticated network attackers to write files and escalate to root.\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-04T17:16:02.085321Z"}, {"uuid": "508e8cad-5a1b-4467-9c54-c4e6c34412c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mni5qpf5uw2i", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public", "creation_timestamp": "2026-06-04T17:32:24.953399Z"}, {"uuid": "88b945be-77ee-42a8-a0a7-f1b3c1f7fa7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/cibsecurity/89626", "content": "\ud83d\udd8b\ufe0f Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public \ud83d\udd8b\ufe0f\n\nCisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.  It is tracked as CVE202620230, and proofofconcept exploit code is already public. Cisco's PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway.  The flaw is a serverside request forgery.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-06-04T17:15:06.000000Z"}, {"uuid": "feeb52e9-c6a0-4967-91d3-af15747f4a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/ctinow/251316", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\nhttps://ift.tt/PuWjc4e", "creation_timestamp": "2026-06-04T17:14:06.000000Z"}, {"uuid": "3ac7168e-0a98-4af6-a282-ca39f55209e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mni7ld6zkg2g", "content": "Cisco has patched a critical server-side request forgery vulnerability, CVE-2026-20230, in its Unified Communications Manager and Session Management Edition. The [\u2026]", "creation_timestamp": "2026-06-04T18:05:11.825207Z"}, {"uuid": "51531889-0424-4f6e-9fc3-84884cf12355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "content": "Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.\n\nIt is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco's PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway.\n\nThe flaw is a server-side request forgery.", "creation_timestamp": "2026-06-04T14:55:51.000000Z"}, {"uuid": "6956abfa-aaa5-41eb-a5d0-f97966b280d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnisdwfqru2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Unified CM as Expl\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-04T23:41:06.267816Z"}, {"uuid": "eb13c2a2-0f00-4458-81d4-8ff7ec17c3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/8281", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Unified Communications Manager (Unified CM), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\nCisco Unified CM (\u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a Cisco CallManager) \u0441\u043b\u0443\u0436\u0438\u0442 \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 IP-\u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0438\u0438 Cisco, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u044b\u0437\u043e\u0432\u043e\u0432 \u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0438\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-20230 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0431\u0435\u0437 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043b\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSRF) \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f  \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0430\u0432 root.\n\nCisco (PSIRT) \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f CVE-2026-20230, \u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f.\n\n\u0421\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0436\u0431\u0430 WebDialer \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 (\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d).\n\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442, \u043d\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c Cisco Unified CM \u0432\u0435\u0440\u0441\u0438\u0439 14SU6 \u0438\u043b\u0438 15SU5 (\u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2026 \u0433. \u0438\u043b\u0438 COP), \u0438\u043b\u0438 \u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0443 WebDialer \u0434\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u0430\u0442\u0447\u0430, \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0433\u043e \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 CVE-2026-20230.", "creation_timestamp": "2026-06-04T18:30:06.000000Z"}, {"uuid": "9307e032-9271-4295-816a-82206ac78715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3mnijgs47mj2b", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\nCisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked\u2026\n\n\ud83d\udd17 https://hnow.live/a/b7de2431", "creation_timestamp": "2026-06-04T21:01:36.806016Z"}, {"uuid": "6186b18b-5cbd-43e8-a724-96e810f34968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10920", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public \u2013 thehackernews.com\n\nFri, 05 Jun 2026 00:55:51", "creation_timestamp": "2026-06-04T20:03:10.000000Z"}, {"uuid": "667547be-c520-40ef-bce6-2990d4537c31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mnimu3fpbx2h", "content": "\ud83d\udd12 Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\n\nCisco has patched a bug in Unified Communications Manager...\n\nhttps://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-04T22:02:43.993092Z"}, {"uuid": "c6090c2e-f26e-4087-b0f2-9a9590387bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mninkr3kmr2z", "content": "Cisco patched CVE-2026-20230 in Unified CM and Session Management Edition, a SSRF flaw that can allow arbitrary file writes and potential root escalation. PoC code is public. #Cisco #UnifiedCM #WebDialer", "creation_timestamp": "2026-06-04T22:15:25.111221Z"}, {"uuid": "8feb7018-34ce-4fbe-9e96-f8fc0860904f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/blindthoughts.bsky.social/post/3mninnc7brp2r", "content": "Cisco Unified CM Exploit Goes Public \u2014 Unauthenticated Root Access via CVE-2026-20230\n\nhttps://blindthoughts.com/cisco-unified-cm-cve-2026-20230-root-exploit\n\n#cisco #vulnerability #exploit #unifiedcommunications #patchnow", "creation_timestamp": "2026-06-04T22:16:49.796604Z"}, {"uuid": "c7046b06-583a-4c40-b642-dfc4abe00753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mnirknuaxb27", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...", "creation_timestamp": "2026-06-04T23:26:59.954352Z"}, {"uuid": "a8d9f986-aa29-4f86-b781-fc0677e08dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnithbuash2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: ThreatsDay Bulleti\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T00:00:50.303617Z"}, {"uuid": "8b6f7970-4a2c-44c5-92e9-9a05be46eb57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mnj2biabcl27", "content": "Cisco\u306f\u3001\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u30b3\u30fc\u30c9\u304c\u516c\u958b\u3055\u308c\u305f\u3053\u3068\u3092\u53d7\u3051\u3001Unified CM\u306eCVE-2026-20230\u3092\u4fee\u6b63\u3057\u305f \n\nCisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public  #HackerNews (Jun 4)\n\nthehackernews.com/2026/06/cisc...", "creation_timestamp": "2026-06-05T02:02:52.623510Z"}, {"uuid": "133f8d26-2ae1-4061-bfaa-bada239c7452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mnj3tf3oaw2f", "content": "Top 3 CVE for last 7 days:\nCVE-2025-48595: 136 interactions\nCVE-2026-0257: 43 interactions\nCVE-2026-48778: 23 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-49858: 11 interactions\nCVE-2026-20230: 6 interactions\nCVE-2026-10737: 4 interactions\n", "creation_timestamp": "2026-06-05T02:30:47.822207Z"}, {"uuid": "9300b9f2-865e-4452-90b6-4b66768fc03a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mnjj6zwhfssm", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html", "creation_timestamp": "2026-06-05T06:30:47.487671Z"}, {"uuid": "ba2dcaf3-4591-4065-b95d-ddb8c76898d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjphtjbx62d", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Cisco Patches\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:22:13.501961Z"}, {"uuid": "53c74f98-d8bc-4055-80ea-292a06fc255a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjqb46v2j2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Cisco Patches\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:36:21.453194Z"}, {"uuid": "9aff5da6-2966-427c-a2ee-a09a500059f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrjn2qm42f", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Unified CM\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:01.320431Z"}, {"uuid": "f512d3a5-dfac-49b9-9766-13df03f2bfe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrjn2qm42f", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-20230\n\n\u2022 CVE ID: CVE-2026-20230\n\u2022 CVSS Score: 8.6 (High)\n\u2022 Affected: Unified CM\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:01.326322Z"}, {"uuid": "acdb41ad-400f-4900-a4a3-1d9811bf01bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mnk356nsad2m", "content": "Critical Cisco Unified CM Vulnerability (CVE-2026-20230): Unauthenticated File-Write Leads to Root \u2013 Patch Immediately +\u00a0Video\n\nIntroduction A newly disclosed critical vulnerability in Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to exploit a\u2026", "creation_timestamp": "2026-06-05T11:51:02.380940Z"}, {"uuid": "6ea4fa9e-6b69-430d-a42d-de758e32a119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnksgo2gzc2h", "content": "Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public\n\nCisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.\n\nIt is tracked as CVE-2026-20230, and proof\u2026\n#hackernews #news", "creation_timestamp": "2026-06-05T18:47:55.871401Z"}, {"uuid": "9cdef3d5-88cd-4ac5-8180-474fd040a30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/true_secator/8286", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0438 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 0x12 Dark Development \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u043e\u0432\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Bring Your Own RWX Region DLL (BYORWXDLL).\n\n\u0412\u043c\u0435\u0441\u0442\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0433\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u044d\u0442\u0430 \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 DLL \u0441 \u043f\u0440\u0435\u0434\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 RWX (\u0447\u0442\u0435\u043d\u0438\u0435+\u0437\u0430\u043f\u0438\u0441\u044c+\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435) \u043e\u0431\u043b\u0430\u0441\u0442\u044f\u043c\u0438 \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430.\n\n2. Manifold \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 n8n MCP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0434\u0440\u0443\u0433\u0438\u0445 \u0430\u0440\u0435\u043d\u0434\u0430\u0442\u043e\u0440\u043e\u0432 \u0432 \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 n8n.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 GitHub Action \u043e\u0442 Anthropic \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Claude Code, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u044d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u0438\u043c\u0435\u044f \u043f\u0440\u0438 \u0441\u0435\u0431\u0435 \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443 \u043d\u0430 GitHub.\u00a0\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 Action \u043e\u0442 Anthropic \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0442\u043e\u0442 \u0436\u0435 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043c\u043e\u0433\u043b\u0430 \u0431\u044b \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0441\u0430\u043c Action \u0438 \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442.\n\n\u041e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 GMO Flatt Security, \u0430 Anthropic\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0435\u0451 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0447\u0435\u0442\u044b\u0440\u0451\u0445 \u0434\u043d\u0435\u0439. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0432 \u043f\u0430\u043a\u0435\u0442 claude-code-action v1.0.94. Anthropic \u043e\u0446\u0435\u043d\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043d\u0430 7,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0443 CVSS v4.0 \u0438 \u0432\u044b\u043f\u043b\u0430\u0442\u0438\u043b\u0430 \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 SafeBreach \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u043e\u043c \u043f\u043e\u043c\u043e\u0449\u043d\u0438\u043a\u0435 Google Gemini, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0418\u0418, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u0434\u0441\u043a\u0430\u0437\u043a\u0438, \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f \u0432 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430\u0445.\n\n\u041e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f\u0441\u044c \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u0445, SafeBreach \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u0446\u0435\u043b\u043e\u043c \u043d\u043e\u0432\u044b\u0439 \u043a\u043b\u0430\u0441\u0441 \u0430\u0442\u0430\u043a, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0439 Fake Context Alignment.\n\n5. \u0425\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WordPress Everest Forms Pro \u0441 4000 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0430\u0439\u0442\u0430.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0451\u0442 \u043e CVE-2026-3300 (CVSS: 9.8), \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e 1.9.12 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e. \u041f\u0430\u0442\u0447 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d 18 \u043c\u0430\u0440\u0442\u0430 2026 \u0433\u043e\u0434\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.9.13.\n\n6. \u041f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 Cisco \u0442\u0430\u043a \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 CVE-2026-20230 \u0432 Unified Communications Manager, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432 \u0441\u0435\u0442\u0438 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438 \u043e\u0442\u0442\u0443\u0434\u0430 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root. Cisco \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a \u043f\u043e\u043a\u0430 \u043d\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e.\u00a0\n\n7. \u0412 Tier Zero Security \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 Mark of the Web, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u0441\u043a\u0440\u044b\u0442\u044b\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 .targets NuGet. \u0417\u0430\u0434\u0430\u0447\u0438 \u0432 \u044d\u0442\u0438\u0445 \u0444\u0430\u0439\u043b\u0430\u0445 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442\u0441\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a NuGet. MSRC \u043d\u0430\u0437\u0432\u0430\u043b\u0430 \u044d\u0442\u043e \u043d\u0435 \u043e\u0448\u0438\u0431\u043a\u043e\u0439, \u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e.\n\n8. \u0412 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c\u0438 SOPlanning \u0437\u0430\u043a\u0440\u044b\u0442\u043e \u0441\u0435\u043c\u044c \u043e\u0448\u0438\u0431\u043e\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0439, \u043a\u0440\u0430\u0436\u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439, \u0430\u0442\u0430\u043a \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u043f\u0443\u0442\u0438 \u0438 \u043c\u043d\u043e\u0433\u043e\u0433\u043e \u0434\u0440\u0443\u0433\u043e\u0433\u043e.\n\n9. OpenSSL \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u043d\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 PatchTuesday. \u041d\u0438\u0447\u0435\u0433\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e, \u043d\u043e \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043e\u0448\u0438\u0431\u043e\u043a \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n10. \u0418\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0419\u0435\u043d\u0438 \u0428\u0435\u0440\u0435\u0437 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 DarkReplica (CVE-2026-23631), RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Redis, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u043d \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043b \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e\u0434\u043d\u0435\u043c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 ZeroDayCloud.\n\n11. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 Comodo Internet Security \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u044b Windows \u0432\u0441\u0435\u0433\u043e \u043e\u0434\u043d\u0438\u043c \u043f\u0430\u043a\u0435\u0442\u043e\u043c \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 IP \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430. \u041e\u043d\u0430 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0435 \u043e\u0442\u0432\u0435\u0442\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u041c\u0430\u0440\u043a\u0443\u0441\u0443 \u0425\u0430\u0442\u0447\u0438\u043d\u0441\u0443. PoC \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442\u0441\u044f.\n\n12. CISA \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-45247 (CVSS 9,8) \u0432 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 Mirasvit Full Page Cache Warmer \u0434\u043b\u044f Magento 2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f RCE.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 Sansec, \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Mirasvit, \u0432\u043d\u0435\u0434\u0440\u044f\u044f \u0432 cookie-\u0444\u0430\u0439\u043b CacheWarmer \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 PHP-\u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0443\u044e\u0442\u0441\u044f \u0431\u0435\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043a\u043b\u0430\u0441\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u044b.", "creation_timestamp": "2026-06-05T18:00:06.000000Z"}, {"uuid": "82ceb129-e0e8-4cbc-81ba-f51897153b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnkavsxjq22h", "content": "Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges\n\nCisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, \u2026\n#hackernews #news", "creation_timestamp": "2026-06-05T13:34:16.549418Z"}, {"uuid": "d792da3c-1112-4d38-8e2a-d00d97c13821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "Telegram/2GKVzEdq0Q1GgXdde3R68qhjmtmEcsIfO4W2udc5u2OvA5M", "content": "", "creation_timestamp": "2026-06-05T09:00:04.000000Z"}, {"uuid": "345415e7-171c-4567-b8c3-6bf4672adf59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://t.me/bdufstecru/3221", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b WebDialer \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0432\u044b\u0437\u043e\u0432\u043e\u0432 Cisco Unified Communications Manager (Unified CM) \u0438 Cisco Unified Communications Manager Session Management Edition (Unified CM SME) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c SSRF-\u0430\u0442\u0430\u043a\u0443\n\nBDU:2026-07815\nCVE-2026-20230\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW", "creation_timestamp": "2026-06-05T13:10:08.000000Z"}, {"uuid": "bfcc178c-1b90-47c3-b796-8578889db305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnkikfh42b26", "content": "Critical vulnerability CVE-2026-20230 in Cisco Unified CM allows unauthenticated SSRF attacks leading to root access. Patch immediately! #CyberSecurity #Cisco #Vulnerability #SSRF Link: thedailytechfeed.com/cisco-patche...", "creation_timestamp": "2026-06-05T15:51:04.280117Z"}, {"uuid": "ef09588c-5e17-4a4a-acf9-a08cc668f7cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnkyrzq5fo2b", "content": "CVE-2026-20230 \u2014 Cisco Unified CM SSRF to Potential Root Escalation", "creation_timestamp": "2026-06-05T20:41:39.706877Z"}, {"uuid": "bfb9e9bc-1a01-490a-af8c-6d097eca46ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mns2orxqel23", "content": "~Checkpoint~\nCheck Point's June 8th report highlights critical zero-days in Android, Cisco, and Windows Netlogon, alongside major breaches at DentaQuest and Dashlane.\n-\nIOCs: CVE-2025-48595, CVE-2026-20230, CVE-2026-41089\n-\n...", "creation_timestamp": "2026-06-08T16:04:16.092861Z"}, {"uuid": "bb47b435-2d64-46d7-a4a5-cb2fbd6cec04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mntglqiuw42k", "content": "Security Updates Released for CVE-2026-20230 and Other Vulnerabilities", "creation_timestamp": "2026-06-09T05:09:58.816049Z"}, {"uuid": "4885005f-9e26-4b57-8e4b-6f858f5eb351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://www.cert.se/2026/06/patchtisdag-juni-2026-samlad-information-om-manadens-sakerhetsuppdateringar.html", "content": "", "creation_timestamp": "2026-06-10T05:00:00.000000Z"}, {"uuid": "bbc5887a-a93c-4220-a138-c59b784a2767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mokbhbp2d72y", "content": "Every organization running Cisco $CSCO Unified Communications Manager should patch now. A flaw tracked as CVE-2026-20230 lets a crafted web request write arbitrary files onto the system, and proof-of-concept exploit code is already public. Cisco has released fixes. Source: Cisco.", "creation_timestamp": "2026-06-18T07:09:16.327791Z"}, {"uuid": "0af4aefa-23db-4baa-8cc1-21e3aa97601d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "Telegram/cFwSQ27uOrqZ96YGVM-ku7YiP0UftFdUhE6IZpDdkcLlq7k", "content": "", "creation_timestamp": "2026-06-13T03:00:05.000000Z"}, {"uuid": "3830422f-3897-4f04-a18e-a218982967a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "Telegram/RH2s8PeGGVhZpVJAgPxAefdwgWbZ17CHKO_8EzHYAqSoEvM", "content": "", "creation_timestamp": "2026-06-12T23:00:21.000000Z"}, {"uuid": "fb75db55-33ad-4df0-b925-6afa7d68e0a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "published-proof-of-concept", "source": "Telegram/5qW5gV7-qoBxzKDv9J2fDYEvV25ComYYg-PDvxq2HqqT9g", "content": "", "creation_timestamp": "2026-06-04T17:46:17.000000Z"}, {"uuid": "3a9f1fe6-339c-4059-b59a-a4cd2a405d78", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9a30df14-176b-450a-845b-42cd2768d79d", "content": "", "creation_timestamp": "2026-06-23T23:00:21.203946Z"}, {"uuid": "4854122c-2740-429c-a922-8556048031c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3moyewp7nhj2v", "content": "A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks.", "creation_timestamp": "2026-06-23T21:48:49.216058Z"}, {"uuid": "10460dee-e82f-44c2-adb9-fce6ad4b802c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3moyfvy23642d", "content": "Cisco Unified CM Under Fire: Critical CVE-2026-20230 Vulnerability Actively Exploited as Attackers Hunt for Root Access +\u00a0Video\n\nIntroduction: A Dangerous Shift From Disclosure to Active Exploitation Cybersecurity threats often follow a predictable lifecycle. A vulnerability is discovered, a patch\u2026", "creation_timestamp": "2026-06-23T22:06:21.709610Z"}, {"uuid": "6f3621c5-6df5-412a-967f-28ea59c3c63b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3moygchpn732d", "content": "Cisco Unified Communications Manager Server\u3067\u3001CVE-2026-20230\uff08SSRF\u8106\u5f31\u6027\uff09\u304c\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3059\u3002", "creation_timestamp": "2026-06-23T22:13:18.393992Z"}, {"uuid": "e3e8e49c-4454-486a-b930-2c943b975d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/thecircuitry.to/post/3moygf64tfe2p", "content": "Cisco Unified CM servers are now seeing live exploitation of a high-severity SSRF flaw.\nThe PoC writes one specific test file but full root details just dropped.\n\nRead the full report: https://thecircuitry.to/article/attackers-exploit-cisco-unified-cm-cve-2026-20230-in-the-wild-mqr6yztb", "creation_timestamp": "2026-06-23T22:14:48.252124Z"}, {"uuid": "a5be4a14-39ca-45eb-b73d-f0fdbd9e1dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3moyifcppbvm2", "content": "Cisco Unified CM SME flaw CVE-2026-20230 now exploited in attacks BleepingComputer A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is n...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-23T22:50:45.681238Z"}, {"uuid": "f2f42c4f-ad6b-499d-bd5d-6d131c40310c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3moyjyfpgjb2u", "content": "\ud83e\udd16 CVE-2026-20230 (CVSS 8.6): SSRF in Cisco Unified CM exploited in wild. Allows access to internal systems. No patch \u2014 CISA KEV added.\n\nhttps://www.bleepingcomputer.com/news/security/cisco-unified-cm-sme-flaw-cve-2026-20230-now-exploited-in-attacks/", "creation_timestamp": "2026-06-23T23:19:14.934459Z"}, {"uuid": "9ded9d00-cbd4-4c32-84c8-cbd126354073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/happeningnow.news/post/3moykwp5uvl2g", "content": "\ud83d\udea8 Breaking: Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks\nA high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]\n\n\ud83d\udd17 https://hnow.live/a/d57975cb", "creation_timestamp": "2026-06-23T23:36:11.447850Z"}, {"uuid": "ed337679-5faa-4c7c-a582-846769381aa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mozjzedpm52p", "content": "CRITICAL CISCO SSRF FLAW (CVE-2026-20230): ROOT-LEVEL TAKEOVER THREATENS ENTERPRISE COMMUNICATION SYSTEMS\u00a0WORLDWIDE\n\nIntroduction: When Enterprise Communication Becomes an Attack Gateway A newly disclosed vulnerability in Cisco\u2019s Unified Communications Manager has raised serious alarms across\u2026", "creation_timestamp": "2026-06-24T08:52:27.551571Z"}, {"uuid": "4ece8289-b6f2-4647-a63c-bfe273f159c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/tugate.ch/post/3mozd2atp732r", "content": "Falha cr\u00edtica CVE-2026-20230 na Cisco j\u00e1 \u00e9 explorada globalmente. Admins em Portugal devem actualizar urgentemente os sistemas afectados \u26a0\ufe0f \n\n#falha ", "creation_timestamp": "2026-06-24T06:47:40.843771Z"}, {"uuid": "1eabb564-dd0a-43b8-aee1-8ed19222e805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mozfae4etov2", "content": "Hackers Exploiting Cisco Unified CM Vulnerability Cisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June. The post Hackers Exploiting Cisco Unified CM ...\n\n#Network #Security #Vulnerabilities #Cisco #exploited [\u2026] \n\n[Original post on securityweek.com]", "creation_timestamp": "2026-06-24T07:26:58.243627Z"}, {"uuid": "260d2024-4617-4519-8021-2c15e8a3cc90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mozgi437w5v2", "content": "Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root TheHackerNews Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled syste...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-24T07:49:29.564301Z"}, {"uuid": "434bc29b-2441-4756-89e8-8ca73aa50f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/sec-news-bot.bsky.social/post/3mozh65hfc22x", "content": "Cisco Unified CM CVE-2026-20230 \u304c\u60aa\u7528\u3055\u308c\u308b \u2014 \u30d5\u30a1\u30a4\u30eb\u66f8\u304d\u8fbc\u307f\u3067 root \u6a29\u9650\u7372\u5f97\n\nWebDialer \u6709\u52b9\u6642\u306e Cisco Unified CM \u3067 CVE-2026-20230 \u304c\u5b9f\u969b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u3002PoC \u516c\u958b\u5f8c\u3001\u30d5\u30a1\u30a4\u30eb\u66f8\u304d\u8fbc\u307f\u3092\u7d4c\u7531\u3057\u305f root \u6a29\u9650\u7372\u5f97\u304c\u53ef\u80fd\u306b\u306a\u3063\u305f\u3002\u5bfe\u8c61\u7d44\u7e54\u306f\u7dca\u6025\u5bfe\u5fdc\u304c\u5fc5\u8981\u3002\n\n#CVE #\u8106\u5f31\u6027 #\u6a19\u7684\u578b\u653b\u6483", "creation_timestamp": "2026-06-24T08:01:26.479442Z"}, {"uuid": "62ce1d2e-6bfe-4ea1-8d95-59b38d0c9a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mozhfac4lm25", "content": "CVE-2026-20230 enables unauthenticated remote SSRF via crafted HTTP requests against Cisco Unified CM and Unified CM SME, potentially leading to file writes and root escalation.\n", "creation_timestamp": "2026-06-24T08:05:24.555866Z"}, {"uuid": "d4ff0c00-8b80-4e62-b5f5-49b4ce7782e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mozhsneg4y2u", "content": "\ud83d\udd34 EXPLOITED\n\nCisco Unified CM can be exploited to root.\n\nBut only if WebDialer is on, and it ships off by default. Check before you panic-patch.\n\nThe \"active exploitation\" so far is one source dropping a test file. (CVE-2026-20230)", "creation_timestamp": "2026-06-24T08:12:54.302352Z"}, {"uuid": "d4e83f53-ff4d-49f8-9f81-932bb1b0151e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mozi54m2vc2u", "content": "Cisco Unified CM Under Active Attack: CVE-2026-20230 SSRF Exploit PoC Public \u2014 Patch Now or Get Rooted +\u00a0Video\n\nIntroduction: A critical server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME) is currently\u2026", "creation_timestamp": "2026-06-24T08:18:45.920649Z"}, {"uuid": "d56cf3d5-33aa-4101-9b1a-bcefcc9c4ef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3moznsubvfr2f", "content": "Cisco Unified CM CVE-2026-20230 is being actively exploited with a PoC, enabling SSRF, arbitrary file writes, and possible root escalation. Defused observed attacks and SSD published details. #Cisco #UnifiedCM #CVE202620230", "creation_timestamp": "2026-06-24T10:00:24.904218Z"}, {"uuid": "5ce66d0e-bf50-4cb1-9a02-e655fa5984d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "content": "Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME).\n\nThe vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, remote", "creation_timestamp": "2026-06-24T04:50:38.000000Z"}, {"uuid": "35869fe8-a17a-450f-a0e7-8f851a568ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mozny3rloh2o", "content": "\ud83d\udd12 Same-Day Shells: A Full-Chain RCE Sweep Against Cisco CUCM (CVE-2026-20230)\n\nA critical Cisco CUCM WebDialer vulnerability (CVE-2026-20230) was rapidly weaponized for full remote ...\n\nhttps://tinyurl.com/24h2pv9j #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-06-24T10:03:19.031122Z"}, {"uuid": "60963919-8b3d-4a9e-a9e9-33d8f8ad8a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mozti7n5cs2p", "content": "Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/06/24/c...\n\n#communication #enterprise #PoC #vulnerability #cybersecurity #cybersecuritynews @cisco.com", "creation_timestamp": "2026-06-24T11:41:52.505426Z"}, {"uuid": "f5f9f139-60a1-49de-86fb-62ac60b5cb35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116804930613951549", "content": "Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel AttacksSource URL: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/Researchers disclosed a high-severity use-after-free (UAF) race condition flaw (CVE-2026-20971, CVSS 7.8) affecting Samsung Galaxy S9 through S25 devices. The bug resides in the interaction between the kernel's process authenticator (PROCA) and its integrity subsystem (FIVE), leaving a tiny preemption window open during child process spawning that attackers can exploit to compromise the kernel.Mythos Discovers 'Squidbleed,' a Memory Leak That's Gone Undetected Since Clinton EraSource URL: https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/A 29-year-old vulnerability dubbed \"Squidbleed\" (CVE-2026-47729) was discovered in the popular open-source caching proxy server Squid using Anthropic's Claude Mythos Preview AI. The flaw silently leaks users' plaintext HTTP requests, credentials, and session tokens, posing significant data exposure risks across enterprise networks and older legacy environments. It was resolved in version 7.6.FortiBleed-kyberhy\u00f6kk\u00e4yskampanjan vaikutukset n\u00e4kyv\u00e4t my\u00f6s SuomessaSource URL: https://www.kyberturvallisuuskeskus.fi/fi/uutiset/fortibleed-kyberhyokkayskampanjan-vaikutukset-nakyvat-myos-suomessaThe global FortiBleed cyberattack campaign heavily impacts Fortinet FortiGate firewalls and SSL-VPN appliances using previously leaked or stolen credentials. The Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) has begun mapping targeted organizations across Finland and releasing remediation guidelines to counter ongoing unauthorized access attempts.CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.Source URL: https://isc.sans.edu/diary/rss/33094Despite a 2024 patch for an improper access control flaw (CVE-2024-40766, CVSS 9.3) impacting SonicWall Gen 5, 6, and 7 firewalls, ransomware operators continue to successfully compromise networks due to unmanaged configurations. The vulnerability targets the management interface and SSLVPN services, allowing threat actors to drop entire networks or gain complete device control.New macOS ClickFix Attack Silently Mounts DMGs to Push InfostealerSource URL: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/A novel macOS ClickFix social engineering campaign tricks users into running malicious Terminal commands via fake CAPTCHA verification prompts. Upon execution, the script uses the native hdiutil utility to silently download, mount, and execute a disk image (DMG) bundle containing the Atomic macOS Stealer (AMOS), harvesting browser credentials, system Keychains, and crypto wallet data.'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer WorkflowsSource URL: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflowsDubbed \"Cordyceps,\" a newly identified architectural weakness within automated CI/CD pipelines allows malicious pull requests to compromise software supply chains. By exploiting overly permissive access controls in automated pre-merge testing workflows, attackers can execute command injection to hijack highly privileged signing keys and access tokens.The Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data ExfiltrationSource URL: https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/Palo Alto Networks Unit 42 uncovered a structural flaw across AWS, Google Cloud, and Microsoft Azure involving global namespace collision. Attackers can silently hijack an organization's active cloud data streams by anticipating, deleting, and immediately recreating targeted storage buckets under their own control, leaving minimal detection signatures during data exfiltration.LastPass Confirms Data Breach in Klue Supply Chain AttackSource URL: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/LastPass suffered a security breach impacting its corporate Salesforce environment after threat actors stole OAuth tokens from Klue, a third-party market intelligence platform. While customer password vaults and internal core infrastructure remain fully isolated and untouched, the attackers successfully extracted internal corporate CRM data, customer names, and support log information.Tata Electronics Confirms Cyberattack After Alleged Apple, Tesla Documents Appear OnlineSource URL: https://therecord.media/tata-electronics-confirms-cyberattackIndian manufacturing giant Tata Electronics confirmed a recent network breach following claims by extortion group \"World Leaks,\" who published stolen documents allegedly detailing proprietary client data from Apple and Tesla. Tata maintains that the incident was isolated, successfully contained, and has caused zero operational downtime.Payouts King Ransomware Initial Access Broker Deploys New Edgecution MalwareSource URL: https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecutionZscaler ThreatLabz isolated a stealthy delivery mechanism dubbed \"Edgecution,\" deployed by initial access brokers linked to the Payouts King ransomware family. The attack abuses a malicious Microsoft Edge browser extension that manipulates the Chrome native messaging protocol to bypass browser sandboxing entirely, triggering arbitrary local file system modification and execution.AI Models Capable of Launching Major Cyberattacks Months Away, Five Eyes Alliance WarnsSource URL: https://www.cybersecuritydive.com/news/ai-cyberattacks-five-eyes-frontier-models-warning/An international intelligence coalition comprising the United States, United Kingdom, Canada, Australia, and New Zealand issued a joint advisory warning that advanced frontier AI models are rapidly collapsing offensive cyber timelines. The group cautioned corporate boards and infrastructure operators that AI-driven exploitation capabilities will outpace standard enterprise defenses in a matter of months rather than years, vastly lowering technical barriers for automated network intrusions.14 Million Email Accounts Exposed in Cyberattack on Japanese Telecom Giant KDDISource URL: https://www.nippon.com/en/news/yjj2026062301023/Japanese telecommunications provider KDDI Corp. disclosed a massive data breach targeting its email infrastructure utilized by several domestic internet service providers. The cyberattack, which exploited zero-day vulnerabilities in a third-party software component embedded in the email system, has potentially exposed up to 14.22 million user email addresses and encrypted passwords across major partner networks including JCOM, Biglobe, and Nifty.Active Exploitation of Cisco Unified Communications Manager Flaw Triggers Root-Level RiskSource URL: https://thehackernews.com/2026/06/23/attackers-exploit-cisco-unified-cm-flaw-weeks-after-patch-release/Threat intelligence teams detected active, in-the-wild exploitation of a critical server-side request forgery (SSRF) flaw in Cisco's Unified Communications Manager and Session Management Edition. Tracked as CVE-2026-20230 (CVSS 8.6), the bug allows unauthenticated, remote attackers to send crafted HTTP requests to the WebDialer service, enabling them to write arbitrary files directly to the underlying operating system and escalate privileges to root.", "creation_timestamp": "2026-06-24T11:49:58.360985Z"}, {"uuid": "80971f19-a871-4674-ab15-d746fc4e8dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/iberianm.bsky.social/post/3mozujf2q7q2l", "content": "Cisco Unified CM flaw CVE-2026-20230 is reportedly being exploited after PoC shows a file-write path to root. Patch and restrict access to management endpoints. #Cybersecurity #Vulnerability #InfoSec\n\nSource: https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "creation_timestamp": "2026-06-24T12:00:22.519801Z"}, {"uuid": "bceb9ed6-a136-4328-a57b-080235b251a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mozuul7mtz2u", "content": "A critical vulnerability in Cisco Unified Communications Manager (CVE-2026-20230, CVSS 8.6) allows unauthenticated remote attackers to conduct SSRF attacks, potentially writing files to the operating system. Active exploitation has been observed, requiring the WebDialer service to be enabled.", "creation_timestamp": "2026-06-24T12:06:38.409004Z"}, {"uuid": "86ba63fa-e0cb-4684-9fbf-1ef8b8d964b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mozvsk2cni2f", "content": "\ud83d\udc1b VULNERABILITIES Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230) \u2014 Help Net Security\nhttps://www.helpnetsecurity.com/2026/06/24/cisco-unified-cm-flaw-exploited-to-drop-webshells-cve-2026-20230/ #Vulnerability #CVE #ZeroDay", "creation_timestamp": "2026-06-24T12:23:22.753685Z"}, {"uuid": "d77de3b6-ba5d-4ff6-894f-98fa9b8ab719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/techoverload.bsky.social/post/3mozwb6rug522", "content": "Cisco Unified CM\u2019s CVE-2026-20230 is now being exploited after PoC details showed a path to root. If you run Cisco call-control gear, patch fast and keep admin interfaces off the open internet. \ud83d\uded1\n\n#Cisco #Security #Cybersecurity", "creation_timestamp": "2026-06-24T12:31:34.818694Z"}, {"uuid": "3c2889c7-4c30-4b41-8396-ac20b5014efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3mozwehcg7227", "content": "\ud83d\udea8 Cisco is urging organizations to patch CVE-2026-20230 after reports of active exploitation against Unified Communications Manager.\n\nPublic exploit code is online and the EPSS score jumped sharply after attack reports surfaced.\n\n\ud83d\udc47\nbasefortify.eu/posts/2026/0...\n\n#CyberSecurity #Cisco #CVE #InfoSec", "creation_timestamp": "2026-06-24T12:33:41.225051Z"}, {"uuid": "c42581ca-fbf8-48e7-b60f-566a3d58879b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3mozwelrjcc27", "content": "\ud83d\udea8 Cisco is urging organizations to patch CVE-2026-20230 after reports of active exploitation against Unified Communications Manager.\n\nPublic exploit code is online and the EPSS score jumped sharply after attack reports surfaced.\n\n\ud83d\udc47\nbasefortify.eu/posts/2026/0...\n\n#CyberSecurity #Cisco #CVE #InfoSec", "creation_timestamp": "2026-06-24T12:33:42.046246Z"}, {"uuid": "eb1a76cb-2bfa-4d70-a1ad-413ca33e7784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3mozwer3bw227", "content": "\ud83d\udea8 Cisco is urging organizations to patch CVE-2026-20230 after reports of active exploitation against Unified Communications Manager.\n\nPublic exploit code is online and the EPSS score jumped sharply after attack reports surfaced.\n\n\ud83d\udc47\nbasefortify.eu/posts/2026/0...\n\n#CyberSecurity #Cisco #CVE #InfoSec", "creation_timestamp": "2026-06-24T12:33:42.870178Z"}, {"uuid": "a4c0e436-451c-48f5-a9c5-9c242ba50b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://threatintel.cc/2026/06/24/morning-cyber-summary.html", "content": "Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks\n\nSource URL: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/\nResearchers disclosed a high-severity use-after-free (UAF) race condition flaw (CVE-2026-20971, CVSS 7.8) affecting Samsung Galaxy S9 through S25 devices. The bug resides in the interaction between the kernel’s process authenticator (PROCA) and its integrity subsystem (FIVE), leaving a tiny preemption window open during child process spawning that attackers can exploit to compromise the kernel.\n\nMythos Discovers ‘Squidbleed,’ a Memory Leak That’s Gone Undetected Since Clinton Era\n\nSource URL: https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/\nA 29-year-old vulnerability dubbed “Squidbleed” (CVE-2026-47729) was discovered in the popular open-source caching proxy server Squid using Anthropic’s Claude Mythos Preview AI. The flaw silently leaks users' plaintext HTTP requests, credentials, and session tokens, posing significant data exposure risks across enterprise networks and older legacy environments. It was resolved in version 7.6.\n\nFortiBleed-kyberhy\u00f6kk\u00e4yskampanjan vaikutukset n\u00e4kyv\u00e4t my\u00f6s Suomessa\n\nSource URL: https://www.kyberturvallisuuskeskus.fi/fi/uutiset/fortibleed-kyberhyokkayskampanjan-vaikutukset-nakyvat-myos-suomessa\nThe global FortiBleed cyberattack campaign heavily impacts Fortinet FortiGate firewalls and SSL-VPN appliances using previously leaked or stolen credentials. The Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) has begun mapping targeted organizations across Finland and releasing remediation guidelines to counter ongoing unauthorized access attempts.\n\nCVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.\n\nSource URL: https://isc.sans.edu/diary/rss/33094\nDespite a 2024 patch for an improper access control flaw (CVE-2024-40766, CVSS 9.3) impacting SonicWall Gen 5, 6, and 7 firewalls, ransomware operators continue to successfully compromise networks due to unmanaged configurations. The vulnerability targets the management interface and SSLVPN services, allowing threat actors to drop entire networks or gain complete device control.\n\nNew macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer\n\nSource URL: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/\nA novel macOS ClickFix social engineering campaign tricks users into running malicious Terminal commands via fake CAPTCHA verification prompts. Upon execution, the script uses the native hdiutil utility to silently download, mount, and execute a disk image (DMG) bundle containing the Atomic macOS Stealer (AMOS), harvesting browser credentials, system Keychains, and crypto wallet data.\n\n‘Cordyceps’: Mushrooming Malicious Pull Requests Threaten Developer Workflows\n\nSource URL: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflows\nDubbed “Cordyceps,” a newly identified architectural weakness within automated CI/CD pipelines allows malicious pull requests to compromise software supply chains. By exploiting overly permissive access controls in automated pre-merge testing workflows, attackers can execute command injection to hijack highly privileged signing keys and access tokens.\n\nThe Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration\n\nSource URL: https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/\nPalo Alto Networks Unit 42 uncovered a structural flaw across AWS, Google Cloud, and Microsoft Azure involving global namespace collision. Attackers can silently hijack an organization’s active cloud data streams by anticipating, deleting, and immediately recreating targeted storage buckets under their own control, leaving minimal detection signatures during data exfiltration.\n\nLastPass Confirms Data Breach in Klue Supply Chain Attack\n\nSource URL: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/\nLastPass suffered a security breach impacting its corporate Salesforce environment after threat actors stole OAuth tokens from Klue, a third-party market intelligence platform. While customer password vaults and internal core infrastructure remain fully isolated and untouched, the attackers successfully extracted internal corporate CRM data, customer names, and support log information.\n\nTata Electronics Confirms Cyberattack After Alleged Apple, Tesla Documents Appear Online\n\nSource URL: https://therecord.media/tata-electronics-confirms-cyberattack\nIndian manufacturing giant Tata Electronics confirmed a recent network breach following claims by extortion group “World Leaks,” who published stolen documents allegedly detailing proprietary client data from Apple and Tesla. Tata maintains that the incident was isolated, successfully contained, and has caused zero operational downtime.\n\nPayouts King Ransomware Initial Access Broker Deploys New Edgecution Malware\n\nSource URL: https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecution\nZscaler ThreatLabz isolated a stealthy delivery mechanism dubbed “Edgecution,” deployed by initial access brokers linked to the Payouts King ransomware family. The attack abuses a malicious Microsoft Edge browser extension that manipulates the Chrome native messaging protocol to bypass browser sandboxing entirely, triggering arbitrary local file system modification and execution.\n\nAI Models Capable of Launching Major Cyberattacks Months Away, Five Eyes Alliance Warns\n\nSource URL: https://www.cybersecuritydive.com/news/ai-cyberattacks-five-eyes-frontier-models-warning/\nAn international intelligence coalition comprising the United States, United Kingdom, Canada, Australia, and New Zealand issued a joint advisory warning that advanced frontier AI models are rapidly collapsing offensive cyber timelines. The group cautioned corporate boards and infrastructure operators that AI-driven exploitation capabilities will outpace standard enterprise defenses in a matter of months rather than years, vastly lowering technical barriers for automated network intrusions.\n\n14 Million Email Accounts Exposed in Cyberattack on Japanese Telecom Giant KDDI\n\nSource URL: https://www.nippon.com/en/news/yjj2026062301023/\nJapanese telecommunications provider KDDI Corp. disclosed a massive data breach targeting its email infrastructure utilized by several domestic internet service providers. The cyberattack, which exploited zero-day vulnerabilities in a third-party software component embedded in the email system, has potentially exposed up to 14.22 million user email addresses and encrypted passwords across major partner networks including JCOM, Biglobe, and Nifty.\n\nActive Exploitation of Cisco Unified Communications Manager Flaw Triggers Root-Level Risk\n\nSource URL: https://thehackernews.com/2026/06/23/attackers-exploit-cisco-unified-cm-flaw-weeks-after-patch-release/\nThreat intelligence teams detected active, in-the-wild exploitation of a critical server-side request forgery (SSRF) flaw in Cisco’s Unified Communications Manager and Session Management Edition. Tracked as CVE-2026-20230 (CVSS 8.6), the bug allows unauthenticated, remote attackers to send crafted HTTP requests to the WebDialer service, enabling them to write arbitrary files directly to the underlying operating system and escalate privileges to root.", "creation_timestamp": "2026-06-24T09:50:42.000000Z"}, {"uuid": "61223a83-6dfc-490b-b937-d366103a2fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mp24ia7q2d2t", "content": "Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild", "creation_timestamp": "2026-06-24T14:22:53.604755Z"}, {"uuid": "8eaf02f7-c1a0-48a8-af8c-288aabbcad9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mp24ovle2j2p", "content": "Cisco Unified Communications Manager Under Fire as Critical CVE-2026-20230 Exploitation Emerges, Organizations Face Immediate Security Threat +\u00a0Video\n\nA Dangerous Cisco Vulnerability Is Suddenly in the Spotlight A newly disclosed security vulnerability affecting Cisco Unified Communications Manager\u2026", "creation_timestamp": "2026-06-24T14:26:37.559499Z"}, {"uuid": "68c8583a-9879-43a5-bb2a-b026cefe8243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mp26ij5gl52d", "content": "Cisco Unified CM SME flaw CVE-2026-20230 now exploited in attacks #cybersecurity #hacking #news #infosec #security #technology #privacy", "creation_timestamp": "2026-06-24T14:58:50.638250Z"}, {"uuid": "b5637d98-22ea-4df8-97e3-538113b72f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/thenewoil.org/post/3mp2pe6iqttg2", "content": "#Cisco #UnifiedCM flaw CVE-2026-20230 now exploited in attacks\n\nhttps://www.bleepingcomputer.com/news/security/cisco-unified-cm-sme-flaw-cve-2026-20230-now-exploited-in-attacks/\n\n#cybersecurity", "creation_timestamp": "2026-06-24T20:00:47.265036Z"}, {"uuid": "c3b60750-c663-456f-90fd-9f47f6ed03e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp2xoge6vk27", "content": "Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks\n\nA high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]\n#hackernews #news", "creation_timestamp": "2026-06-24T22:29:32.314347Z"}, {"uuid": "1fb2a706-c228-435c-93e3-a5d0ec12296d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/eurotrends24.bsky.social/post/3mp2yyido3h2o", "content": "JUST RELEASED: Exclusive video clip on how to protect your network from the Cisco Unified CM flaw CVE-2026-20230 - Watch now and stay safe! \u2b07\ufe0f\u2699\ufe0f #cybersecurity", "creation_timestamp": "2026-06-24T22:53:04.747998Z"}, {"uuid": "33f64846-5d28-4e3c-bb6e-c2dda21d495d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/k3live.bsky.social/post/3mp2yz5iunu2z", "content": "LEAKED: Immediate download update available for the premium mod menu tool to safeguard against CVE-2026-20230 - Get it before it's too late! \u2b07\ufe0f", "creation_timestamp": "2026-06-24T22:53:25.943624Z"}, {"uuid": "8d64b185-ac4d-4fda-be6d-216bf9815b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mp36mqeabi2c", "content": "Cisco Unified CM\u306e\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u3001Web\u30b7\u30a7\u30eb\u304c\u30c9\u30ed\u30c3\u30d7\u3055\u308c\u308b\uff08CVE-2026-20230\uff09 \n\nCisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)  #HelpNetSecurity (Jun 24)\n\nwww.helpnetsecurity.com/2026/06/24/c...", "creation_timestamp": "2026-06-25T00:33:51.404416Z"}, {"uuid": "598d63e1-3752-45e1-8e94-2b99b4ea39ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html", "content": "Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME).\n\nThe vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, remote", "creation_timestamp": "2026-06-25T01:00:40.690736Z"}, {"uuid": "04594e82-eede-410e-a059-8e9e0bfb0d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://threatintel.cc/2026/06/24/morning-cyber-summary.html", "content": "Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks\n\nSource URL: https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/\nResearchers disclosed a high-severity use-after-free (UAF) race condition flaw (CVE-2026-20971, CVSS 7.8) affecting Samsung Galaxy S9 through S25 devices. The bug resides in the interaction between the kernel’s process authenticator (PROCA) and its integrity subsystem (FIVE), leaving a tiny preemption window open during child process spawning that attackers can exploit to compromise the kernel.\n\nMythos Discovers ‘Squidbleed,’ a Memory Leak That’s Gone Undetected Since Clinton Era\n\nSource URL: https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/\nA 29-year-old vulnerability dubbed “Squidbleed” (CVE-2026-47729) was discovered in the popular open-source caching proxy server Squid using Anthropic’s Claude Mythos Preview AI. The flaw silently leaks users' plaintext HTTP requests, credentials, and session tokens, posing significant data exposure risks across enterprise networks and older legacy environments. It was resolved in version 7.6.\n\nFortiBleed-kyberhy\u00f6kk\u00e4yskampanjan vaikutukset n\u00e4kyv\u00e4t my\u00f6s Suomessa\n\nSource URL: https://www.kyberturvallisuuskeskus.fi/fi/uutiset/fortibleed-kyberhyokkayskampanjan-vaikutukset-nakyvat-myos-suomessa\nThe global FortiBleed cyberattack campaign heavily impacts Fortinet FortiGate firewalls and SSL-VPN appliances using previously leaked or stolen credentials. The Finnish National Cyber Security Centre (Kyberturvallisuuskeskus) has begun mapping targeted organizations across Finland and releasing remediation guidelines to counter ongoing unauthorized access attempts.\n\nCVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration.\n\nSource URL: https://isc.sans.edu/diary/rss/33094\nDespite a 2024 patch for an improper access control flaw (CVE-2024-40766, CVSS 9.3) impacting SonicWall Gen 5, 6, and 7 firewalls, ransomware operators continue to successfully compromise networks due to unmanaged configurations. The vulnerability targets the management interface and SSLVPN services, allowing threat actors to drop entire networks or gain complete device control.\n\nNew macOS ClickFix Attack Silently Mounts DMGs to Push Infostealer\n\nSource URL: https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/\nA novel macOS ClickFix social engineering campaign tricks users into running malicious Terminal commands via fake CAPTCHA verification prompts. Upon execution, the script uses the native hdiutil utility to silently download, mount, and execute a disk image (DMG) bundle containing the Atomic macOS Stealer (AMOS), harvesting browser credentials, system Keychains, and crypto wallet data.\n\n‘Cordyceps’: Mushrooming Malicious Pull Requests Threaten Developer Workflows\n\nSource URL: https://www.darkreading.com/application-security/cordyceps-malicious-pull-requests-developer-workflows\nDubbed “Cordyceps,” a newly identified architectural weakness within automated CI/CD pipelines allows malicious pull requests to compromise software supply chains. By exploiting overly permissive access controls in automated pre-merge testing workflows, attackers can execute command injection to hijack highly privileged signing keys and access tokens.\n\nThe Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration\n\nSource URL: https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/\nPalo Alto Networks Unit 42 uncovered a structural flaw across AWS, Google Cloud, and Microsoft Azure involving global namespace collision. Attackers can silently hijack an organization’s active cloud data streams by anticipating, deleting, and immediately recreating targeted storage buckets under their own control, leaving minimal detection signatures during data exfiltration.\n\nLastPass Confirms Data Breach in Klue Supply Chain Attack\n\nSource URL: https://www.bleepingcomputer.com/news/security/lastpass-confirms-data-breach-in-klue-supply-chain-attack/\nLastPass suffered a security breach impacting its corporate Salesforce environment after threat actors stole OAuth tokens from Klue, a third-party market intelligence platform. While customer password vaults and internal core infrastructure remain fully isolated and untouched, the attackers successfully extracted internal corporate CRM data, customer names, and support log information.\n\nTata Electronics Confirms Cyberattack After Alleged Apple, Tesla Documents Appear Online\n\nSource URL: https://therecord.media/tata-electronics-confirms-cyberattack\nIndian manufacturing giant Tata Electronics confirmed a recent network breach following claims by extortion group “World Leaks,” who published stolen documents allegedly detailing proprietary client data from Apple and Tesla. Tata maintains that the incident was isolated, successfully contained, and has caused zero operational downtime.\n\nPayouts King Ransomware Initial Access Broker Deploys New Edgecution Malware\n\nSource URL: https://www.zscaler.com/blogs/security-research/payouts-king-ransomware-initial-access-broker-deploys-new-edgecution\nZscaler ThreatLabz isolated a stealthy delivery mechanism dubbed “Edgecution,” deployed by initial access brokers linked to the Payouts King ransomware family. The attack abuses a malicious Microsoft Edge browser extension that manipulates the Chrome native messaging protocol to bypass browser sandboxing entirely, triggering arbitrary local file system modification and execution.\n\nAI Models Capable of Launching Major Cyberattacks Months Away, Five Eyes Alliance Warns\n\nSource URL: https://www.cybersecuritydive.com/news/ai-cyberattacks-five-eyes-frontier-models-warning/\nAn international intelligence coalition comprising the United States, United Kingdom, Canada, Australia, and New Zealand issued a joint advisory warning that advanced frontier AI models are rapidly collapsing offensive cyber timelines. The group cautioned corporate boards and infrastructure operators that AI-driven exploitation capabilities will outpace standard enterprise defenses in a matter of months rather than years, vastly lowering technical barriers for automated network intrusions.\n\n14 Million Email Accounts Exposed in Cyberattack on Japanese Telecom Giant KDDI\n\nSource URL: https://www.nippon.com/en/news/yjj2026062301023/\nJapanese telecommunications provider KDDI Corp. disclosed a massive data breach targeting its email infrastructure utilized by several domestic internet service providers. The cyberattack, which exploited zero-day vulnerabilities in a third-party software component embedded in the email system, has potentially exposed up to 14.22 million user email addresses and encrypted passwords across major partner networks including JCOM, Biglobe, and Nifty.\n\nActive Exploitation of Cisco Unified Communications Manager Flaw Triggers Root-Level Risk\n\nSource URL: https://thehackernews.com/2026/06/23/attackers-exploit-cisco-unified-cm-flaw-weeks-after-patch-release/\nThreat intelligence teams detected active, in-the-wild exploitation of a critical server-side request forgery (SSRF) flaw in Cisco’s Unified Communications Manager and Session Management Edition. Tracked as CVE-2026-20230 (CVSS 8.6), the bug allows unauthenticated, remote attackers to send crafted HTTP requests to the WebDialer service, enabling them to write arbitrary files directly to the underlying operating system and escalate privileges to root.", "creation_timestamp": "2026-06-25T01:00:41.214334Z"}, {"uuid": "fb50d16e-a304-491b-9eb4-c1df187ed8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mp3du45u2c2i", "content": "Cisco Unified Communications Manager\u306eSSRF \u8106\u5f31\u6027 CVE-2026-20230 \u304c\u30b5\u30a4\u30d0\u30fc\u653b\u6483\u3067\u60aa\u7528\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews #cyberattack #incident", "creation_timestamp": "2026-06-25T02:07:30.329406Z"}, {"uuid": "36ce4552-c4e6-4652-af45-fe0758eb3f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mp3f5lq7nf2t", "content": "Top 3 CVE for last 7 days:\nCVE-2026-55200: 44 interactions\nCVE-2026-47729: 18 interactions\nCVE-2026-50656: 17 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-55200: 35 interactions\nCVE-2026-20230: 8 interactions\nCVE-2026-20245: 7 interactions\n", "creation_timestamp": "2026-06-25T02:30:39.449386Z"}, {"uuid": "c3f227ba-9d71-4b31-a751-d29b0d409b7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mp3lwfrxxcj5", "content": "Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild https://securityaffairs.com/194153/uncategorized/cisco-unified-cm-flaw-cve-2026-20230-actively-exploited-in-the-wild.html", "creation_timestamp": "2026-06-25T04:31:54.893915Z"}, {"uuid": "1f07f7b0-3054-42e1-9a60-13d12797258a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mp3urmhg7y27", "content": "Cisco Unified Servers Face Active CVE-2026-20230\u00a0Exploitation\n\nThreat actors have initiated attempts to exploit the CVE-2026-20230 vulnerability within Cisco Unified servers used for corporate telephony. This critical error allows an unauthenticated, remote attacker to force file creation within\u2026", "creation_timestamp": "2026-06-25T07:10:18.248782Z"}, {"uuid": "f4e1ddad-21af-4d70-9f10-d34481d1910b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/sagalinked.bsky.social/post/3mp44uqvab32f", "content": "\ud83d\udcf0 Cisco has released multiple critical vulnerabilities, including CVE-2026-20230 under exploitation and an earlier SD-WAN 0-day that appears even more severe tha...\n\n\ud83d\udd17 https://www.theregister.com/security/2026/06/24/the-hits-keep-on-coming-for-cisco-vulnerabilities/5261797\n\n#Tech #Enterprise", "creation_timestamp": "2026-06-25T09:35:13.198588Z"}, {"uuid": "2d71072d-9bae-4211-a3c2-1a7f8fb842c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://www.cert.dk/news/2026-06-25/Cisco-fejl-udnyttes-i-angreb-mod-telefonisystemer", "content": "", "creation_timestamp": "2026-06-25T09:45:09.414350Z"}, {"uuid": "9b0b582b-3836-4f2e-96af-6eb57d0f6e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mp46re3uqp2k", "content": "Running Cisco Unified CM? Check if WebDialer is enabled and patch now. Security firm Defused reports attacks on CVE-2026-20230, a critical flaw letting an unauthenticated attacker gain root on the server. Cisco $CSCO patched it June 3 but says it sees no malicious use yet.", "creation_timestamp": "2026-06-25T10:09:06.165349Z"}, {"uuid": "a482bf98-555a-480d-9ca4-0f8c13acec77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/index.espresso.cafecito.tech.ap.brid.gy/post/3mp4fjzszhsg2", "content": "TL;DR\n\n * CVE-2026-20230: Cisco Unified CM Critical RCE \u2014 Legacy WebDialer Flaw Triggers Global Enterprise Risk. Is your enterprise network still running deprecated services that act as open doors for hackers?\n * 630GB Leak: Tata Electronics Breach Exposes Apple and Tesla Specs. How can a 630GB [\u2026]", "creation_timestamp": "2026-06-25T12:10:19.109262Z"}, {"uuid": "253fa479-c0ba-402d-baae-42e5b3b329c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp4gflydpc27", "content": "Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)\n\nCVE-2026-20230, a server-side request forgery (SSRF) vulnerability affecting Cisco\u2019s Unified Communications Manager (Unified CM), is being exploited to drop webshells and achieve remote code execution cap\u2026\n#hackernews #news", "creation_timestamp": "2026-06-25T12:25:41.982544Z"}, {"uuid": "b956676e-d55e-4181-a6ea-d6dae9d0d410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-high-severity-vulnerability-cisco-unified-communications-manager-exploit-poc", "content": "", "creation_timestamp": "2026-06-25T13:45:03.525819Z"}, {"uuid": "e8ce48de-921e-4f9c-afbf-98ad0e3074d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp4ncbyexk27", "content": "Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild\n\nAttackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnerability, tracked \u2026\n#hackernews #news", "creation_timestamp": "2026-06-25T14:29:07.507980Z"}, {"uuid": "3343e617-b733-40c0-bb16-7c653f54076e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116811816867526680", "content": "\ud83d\udcf0 Attackers Actively Exploit Critical Cisco Unified CM Flaw to Deploy Webshells\n\u26a0\ufe0f ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/active-exploitation-of-critical-cisco-unified-cm-flaw-begins/?utm_source=mastodon&utm_medium\u2026", "creation_timestamp": "2026-06-25T17:01:19.198744Z"}, {"uuid": "0b79c74e-53e0-4830-8c58-39f6c9d3637d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mp4vsz3evt2x", "content": "\u26a0\ufe0f ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-25T17:01:38.207428Z"}, {"uuid": "2fa1be7a-a622-46a6-9702-d9a99fbd6b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mp55wlb5ge2d", "content": "\ud83d\uded1 CVE-2026-20230\nCisco Unified Communications Manager\nCVSS 8.6 / EPSS 34% / KEV \u2705\nTL;DR: A vulnerability in Cisco Unified Communications Manager (Unified CM) an\u2026\nhttps://cvesentinel.com/report/CVE-2026-20230?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-06-25T19:26:47.252271Z"}, {"uuid": "12dddeca-d060-4f0b-afcf-b5d72ed10e82", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a68980e0-b134-4149-a482-a2baf1a341a6", "content": "", "creation_timestamp": "2026-06-25T20:00:02.000436Z"}, {"uuid": "619864d1-e76d-4064-a274-4654bd0f309f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6837276", "content": "2026-06-25: [CVE-2026-20230] Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) VulnerabilityCisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.\ncisakev", "creation_timestamp": "2026-06-25T20:02:48.477560Z"}, {"uuid": "3e860450-0567-484d-9704-6e19250d57f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mp5g37q2xe2e", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds Two Known Exploited Vulnerabilities to Catalog  #CISA (Jun 25)\n\nCVE-2026-12569 PTC Windchill\u304a\u3088\u3073FlexPLM\u306b\u304a\u3051\u308b\u4e0d\u9069\u5207\u306a\u5165\u529b\u691c\u8a3c\u306e\u8106\u5f31\u6027\nCVE-2026-20230 Cisco Unified Communications Manager\u306e\u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u30ea\u30af\u30a8\u30b9\u30c8\u30d5\u30a9\u30fc\u30b8\u30a7\u30ea\uff08SSRF\uff09\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-06-25T21:52:34.194028Z"}, {"uuid": "02481193-ae32-4e05-aa30-1dcfba89f161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mp5poxir3k2a", "content": "The hits keep on coming for Cisco vulnerabilities\n\nCVE-2026-20230 under exploitation, while an earlier SD-WAN 0-day looks even worse than we thought\n#hackernews #news", "creation_timestamp": "2026-06-26T00:44:39.990988Z"}, {"uuid": "2258658b-bd0c-402b-98ee-f9a0e356b4ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mp6ouvfhn22j", "content": "Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild\n\nsecurityaffairs.com/194153/uncat...\n\n#Cybersecurity #LargeScaleImpact #Vulnerability", "creation_timestamp": "2026-06-26T10:02:45.246510Z"}, {"uuid": "4ef2f2ff-bb40-4548-85a6-a219ccf10624", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116816986268752727", "content": "\ud83d\udcf0 CISA Adds Actively Exploited PTC and Cisco Flaws to KEV Catalog, Mandates Federal Patching\n\ud83d\udce2 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! \u26a0\ufe0f #CyberSecurity #Vulnerability #CI...\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/cisa-adds-actively-exploited-ptc-and-cisco-flaws-to-kev-cata\u2026", "creation_timestamp": "2026-06-26T14:55:55.893235Z"}, {"uuid": "9afc874b-f5ac-4615-8744-4b554b7fe532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mp77bxemxo2f", "content": "\ud83d\udce2 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! \u26a0\ufe0f #CyberSecurity #Vulnerability #CI...\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-26T14:56:22.762722Z"}, {"uuid": "48ff3e3e-a4d2-43ea-a577-8f3c27b54ce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/royans.bsky.social/post/3mp7ebc562n2w", "content": "Cisco Unified Communications Manager: Critical SSRF-to-RCE Chain CVE-2026-20230\n\n##Cisco ##SSRF ##RCE ##VulnerabilityAnalysis\n\nhttps://flagthis.com/newsletter/2026/06/26/tldr/3798", "creation_timestamp": "2026-06-26T16:25:28.991451Z"}, {"uuid": "978169eb-5ca0-4100-a0cb-ca7c6526e688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mp7wbzexxc2z", "content": "Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks\n\nwww.bleepingcomputer.com/news/securit...\n\n#Kyberturvallisuus #LaajaVaikutus #Haavoittuvuus", "creation_timestamp": "2026-06-26T21:48:02.693416Z"}, {"uuid": "3c21fa90-85ae-4945-a72b-08b9bab5b671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mpaamydmgs25", "content": "CISA added a Cisco $CSCO Unified Communications Manager flaw, CVE-2026-20230, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The server-side request forgery bug hits enterprise phone systems. Federal agencies were ordered to patch. Per CISA.", "creation_timestamp": "2026-06-27T00:53:07.310362Z"}, {"uuid": "0ba47790-6a0e-4dd6-ae03-e113edbcbdf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mpaap6ajt72a", "content": "\ud83e\udd16 CVE-2026-20230: RCE in Cisco Unified CM, actively exploited. CISA adds to KEV with Sunday patch deadline.\n\nhttps://www.bleepingcomputer.com/news/security/cisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks/", "creation_timestamp": "2026-06-27T00:54:19.312467Z"}, {"uuid": "b3f1143c-a128-4c40-b737-e29149485be6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mpaqym3f7g2d", "content": "CISA confirms active zero-day exploitation of Cisco Unified CM (CVE-2026-20230), introducing a critical SSRF vector that allows threat actors to bypass internal security boundaries. Access our complete executive risk mitigation framework and boardroom governance strategy:\u2026", "creation_timestamp": "2026-06-27T05:45:56.391712Z"}, {"uuid": "29570372-1f09-4b37-b2cd-226b12d251d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mpb6yxj74a2f", "content": "Cisco Unified Communications Manager Arbitrary File Write to RCE (CVE-2026-20230) #patchmanagement", "creation_timestamp": "2026-06-27T09:56:41.236646Z"}, {"uuid": "5cbc282f-eb30-4161-bb93-074d793e0ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mpbjrewkxx2n", "content": "\ud83e\udd16 CVE-2026-20230 (SSRF, CISA KEV): Cisco Unified Communications Manager flaw allows unauthenticated remote attackers to write files to the OS and escalate to root. Actively exploited. CISA deadline: June 28.\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-20230", "creation_timestamp": "2026-06-27T13:09:16.824554Z"}, {"uuid": "dedd6e6d-ab95-4270-8d0a-cb83c126c2aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/thecybermind.co/post/3mpdo4e4zik2b", "content": "\ud83d\udee1\ufe0f The patch window has collapsed. This week's Cyber Mind Brief breaks down CISA's emergency Cisco SSRF (CVE-2026-20230) mandate, the 2026 Verizon DBIR shift to machine-speed exploits, and tactical moves to harden your Zero Trust perimeter. Read the full operational intel:\u2026", "creation_timestamp": "2026-06-28T09:32:20.707036Z"}, {"uuid": "080216f5-1d64-4822-b214-fe279f16e54e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3mpe4vg2kp62k", "content": "CVE-2026-20230: unauthenticated SSRF in Cisco Unified CM. No creds. Attacker writes files to the OS, escalates to root. KEV-listed Jun 25. Federal patch deadline: today, Jun 28. UC servers aren't edge infra \u2014 but they're reachable. That's enough.", "creation_timestamp": "2026-06-28T13:56:52.731932Z"}, {"uuid": "03484230-8ed2-4448-aa1f-ffbefd5cd214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/sen-perimetered.bsky.social/post/3mpe52nkveo25", "content": "CVE-2026-20230 \u2014 Cisco Unified CM. Unauthenticated SSRF \u2192 two-stage JSP webshell. Automated Tor sweeps confirmed this weekend.\n\nPatch: June 3. PoC: June 12. Exploitation: now.\n\n3 weeks of runway. Can't patch? Disable WebDialer. Today.", "creation_timestamp": "2026-06-28T13:59:48.522599Z"}, {"uuid": "28d240bd-7088-485c-a117-bc866116320c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mpeabajlfp2u", "content": "\ud83d\udce2 CISA adds two actively exploited vulnerabilities to its KEV catalog: CVE-2026-12569 in PTC products and CVE-2026-20230 in Cisco UCM. Federal agencies are mandated to patch. All orgs should prioritize these now! \u26a0\ufe0f #CyberSecurity #Vulnerability #CI...\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-28T14:57:10.924047Z"}, {"uuid": "699c9ad6-e498-45cb-b050-7ea31949bd8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mpedt3uhf224", "content": "Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild\n\nsecurityaffairs.com/194153/hacki...\n\n#Cybersecurity #LargeScaleImpact #Vulnerability", "creation_timestamp": "2026-06-28T16:00:52.143910Z"}, {"uuid": "5cbcf9c8-ef41-4811-9ab8-6b0e9fb23bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpffnzdgim2o", "content": "This weekly CVE report covers 1,909 new vulnerabilities from June 22-28, 2026. CISA flagged six as exploited, including CVE-2026-20230.\n\n#CVE #CISA #KEV #Vulnerability #Cybersecurity #Infosec", "creation_timestamp": "2026-06-29T02:06:29.234853Z"}, {"uuid": "c9cf1960-0d03-400f-9b0e-65392e080aa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpfhbkx6r32q", "content": "Cisco Unified CM RCE Flaw Exploited in the Wild as PoC Code Goes\u00a0Public\n\nTL;DR Attackers are exploiting a Cisco Unified CM RCE flaw in live attacks. Tracked as CVE-2026-20230, it carries a CVSS score of 8.6. Researchers have now published full technical details and proof-of-concept exploit code.\u2026", "creation_timestamp": "2026-06-29T02:35:18.951919Z"}, {"uuid": "5d9896d1-c2a0-4166-818b-246832885dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20230", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mpg37n4b3722", "content": "\ud83d\udcf0 CISA Tetapkan Tenggat Waktu Darurat untuk Perbaiki Celah Keamanan Cisco dan PTC Windchill yang Dieksploitasi Peretas\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/06/29/cisa-sets-urgent-deadline-to-fix-cisco-and-ptc-flaws/\n\n#cisa #cisco #cve-2026-12569 #cve-2026-20230 #defusedT", "creation_timestamp": "2026-06-29T08:32:07.858103Z"}, {"uuid": "ca55eb21-8bac-401e-bd32-1f860a373aa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/aegisbot.bsky.social/post/3mpggudv6x32m", "content": "\ud83d\udd0d Top signals this week:\n\nCVEs: CVE-2026-20230, CVE-2026-12569, CVE-2026-8461, CVE-2026-20245, CVE-2025-25205\nActors: Play, Ransomware, Apt\n\nFull intel: https://matlock.ca/cybersecnews", "creation_timestamp": "2026-06-29T12:00:33.794101Z"}, {"uuid": "bcb06b07-264a-4066-8d76-4cbac65aec37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://threatintel.cc/2026/06/29/threat-intel.html", "content": "1. FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys\n\n\n\nOriginal URL: [https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html](https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html)\n\nSummary: The FBI and CISA have issued an updated advisory warning that Russian state-sponsored threat groups (including UNC5792 and UNC4221) are actively targeting Signal messaging accounts via credential-phishing campaigns. Attackers are using social engineering to trick users into revealing their Signal Backup Recovery Keys, which allows the adversaries to permanently hijack accounts, restore complete message histories, and continue monitoring communication even if a user attempts to recreate their account. To mitigate this threat, users must generate a completely new recovery key within their Signal security settings, an action that instantly revokes the access privileges of any previously compromised keys.\n\nKeywords: #CyberSecurity #SignalApp #Phishing #Infosec #CISA #FBI #RussianHackers #DataPrivacy #ThreatIntelligence\n\n\n2. Self-Destructing Mistic Backdoor Linked to Access Broker Selling Corporate Footholds\n\n\n\nOriginal URL: [https://www.theregister.com/security/2026/06/25/self-destructing-mistic-backdoor-linked-to-access-broker-selling-corporate-footholds-to-ransomware-gangs/](https://www.theregister.com/security/2026/06/25/self-destructing-mistic-backdoor-linked-to-access-broker-selling-corporate-footholds-to-ransomware-gangs/)\n\nSummary: A newly discovered, highly evasive backdoor known as “Mistic” (or MLTBackdoor) is being deployed across multiple corporate networks, including organizations within the IT, insurance, and education sectors. Security researchers from Symantec, Carbon Black, and Zscaler have linked the malware to a financially motivated initial access broker tracked as KongTuke (or Woodgnat), who specializes in establishing early network footprints to sell to ransomware syndicates. Mistic stands out due to its built-in self-destruction mechanisms, which erase its tracks following initial deployment to complicate forensic investigations while facilitating lateral movement within target environments.\n\nKeywords: #Malware #Ransomware #InitialAccessBroker #MisticBackdoor #ThreatHunting #EnterpriseSecurity #Infosec #CyberCrime\n\n\n3. CISA Sets Urgent Deadline to Fix Cisco Flaw Exploited in Attacks\n\n\n\nOriginal URL: [https://www.bleepingcomputer.com/news/security/cisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks/](https://www.bleepingcomputer.com/news/security/cisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks/)\n\nSummary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Cisco flaw to its Known Exploited Vulnerabilities catalog, imposing an urgent patching deadline for federal agencies. The vulnerability, tracked as CVE-2026-20230, is a critical server-side request forgery (SSRF) flaw in the Cisco Unified Communications Manager Server that permits unauthenticated, remote attackers to execute malicious actions via custom HTTP requests. While Cisco initially patch-released the flaw with no evidence of active exploits, threat detection firm Defused recently caught threat actors actively leveraging the vulnerability to write arbitrary text files directly onto vulnerable network endpoints.\n\nKeywords: #Cisco #Vulnerability #PatchTuesday #CISA #KEV #SSRF #NetworkSecurity #ITSecurity #FederalCyber\n\n\n4. New Initiative Tackles Security for End-of-Life Open Source Software\n\n\n\nOriginal URL: [https://www.darkreading.com/application-security/initiative-tackles-security-end-of-life-open-source](https://www.darkreading.com/application-security/initiative-tackles-security-end-of-life-open-source)\n\nSummary: The Commonhaus Foundation has officially introduced the Open Source Sustainability Initiative (OSSI) to confront the systemic security risks associated with abandoned and end-of-life (EOL) open-source projects. Because standard enterprises utilize hundreds of open-source dependencies, managing security patches becomes highly error-prone once development teams stop maintaining original repositories. The OSSI aims to establish a structured, collaborative framework to track, secure, and retroactively patch vulnerable code in widely used legacy projects, minimizing the attack surface for enterprise supply chains.\n\nKeywords: #OpenSource #SoftwareSupplyChain #AppSec #Commonhaus #OSSI #CyberResilience #VulnerabilityManagement #EnterpriseSoftware\n\n\n5. Clean GitHub Repo Tricks AI Coding Agents Into Running Malware\n\n\n\nOriginal URL: [https://www.bleepingcomputer.com/news/security/clean-github-repo-tricks-ai-coding-agents-into-running-malware/](https://www.bleepingcomputer.com/news/security/clean-github-repo-tricks-ai-coding-agents-into-running-malware/)\n\nSummary: Security researchers at Mozilla’s Zero Day Investigative Network (0DIN) have demonstrated a novel prompt injection attack vector that completely bypasses code scanners by tricking AI coding assistants into generating and running local malware. Instead of containing malicious code, the target GitHub repository remains entirely clean; instead, it relies on indirect prompt instructions that manipulate the AI agent during setup into creating an unintended local vulnerability. Once executed by an automated tool like Claude Code, the attack grants the adversary a localized terminal shell functioning with the host developer’s system privileges, giving them direct access to local API keys, environment variables, and files.\n\nKeywords: #AISecurity #GitHub #PromptInjection #LLM #ArtificialIntelligence #SoftwareDevelopment #DevSecOps #Mozilla #0DIN\n\n\n6. Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts\n\n\n\nOriginal URL: [https://thehackernews.com/2026/06/microsoft-removes-119-edge-extensions.html](https://thehackernews.com/2026/06/microsoft-removes-119-edge-extensions.html)\n\nSummary: Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal credentials and run ad fraud. The company calls it StegoAd, a mash-up of steganography and adware, and ties 119 extensions to a single threat actor it says has been active since at least 2021. The extensions were disguised as common utilities like ad blockers, VPNs, and translators, which performed their stated tasks to gain positive reviews while remaining dormant until clearing evasion checks.\n\nKeywords: #Malware #BrowserExtensions #Steganography #MicrosoftEdge #AdFraud #CredentialTheft #SupplyChainAttack #Infosec\n\n\n7. Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer\n\n\n\nOriginal URL: [https://thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html](https://thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html)\n\nSummary: Cybersecurity researchers have uncovered a new ecosystem supply chain attack involving hijacked npm and Go packages designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts. To evade the typical script detection mechanisms implemented to harden security registries, the malware strategically avoids common execution paths and hides its initialization logic inside an automatic Microsoft Visual Studio Code workspace configuration file. Once a developer simply opens the project directory inside their IDE, the hidden task triggers automatically, fetching malicious code from blockchain records and granting the threat actors a direct command shell.\n\nKeywords: #SupplyChainAttack #Malware #VSCode #DeveloperSecurity #Python #npm #GoLang #Infostealer #DevSecOps\n\n\n8. US Seizes Hundreds of FIFA World Cup Illegal Streaming Domains\n\n\n\nOriginal URL: [https://www.bleepingcomputer.com/news/security/us-seizes-hundreds-of-fifa-world-cup-illegal-streaming-domains/](https://www.bleepingcomputer.com/news/security/us-seizes-hundreds-of-fifa-world-cup-illegal-streaming-domains/)\n\nSummary: The U.S. Department of Justice has executed a massive coordinated enforcement action dubbed “Operation Offsides,” seizing nearly 400 web domains that were providing illegal, real-time streams of World Cup soccer matches. Working alongside law enforcement networks across Peru, Bulgaria, Croatia, Romania, Poland, and Colombia, federal agents targeted infrastructure that infringed on global broadcasting copyright protections. Beyond media piracy, Homeland Security Investigations (HSI) warned that these unauthorized streaming platforms aggressively expose users to hidden drive-by malware infections and insecure browser connections engineered to harvest financial details.\n\nKeywords: #DomainSeizure #CyberCrime #LawEnforcement #DOJ #WorldCup #Malware #CopyrightInfringement #Piracy\n\n\n9. Active Phishing Campaign Exploits Calendly and Photo ZIP Files to Target Hotels\n\n\n\nOriginal URL: [https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026](https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026)\n\nSummary: Microsoft has issued an active alert to the global hospitality sector warning of a coordinated phishing campaign that abuses common scheduling applications like Calendly to drop dangerous Node.js malware. Attackers are posing as prospective corporate clients or wedding parties to schedule appointments, leveraging the booking platforms to share highly realistic compressed “photo archives” containing malicious configuration files. Once executed by unsuspecting hotel booking agents, the payload installs a flexible Node.js infostealer designed to bypass memory protections, sweep web browser caches, and extract corporate credit card data.\n\nKeywords: #Phishing #Malware #HospitalitySector #Calendly #NodeJS #SocialEngineering #DataTheft #MicrosoftSecurity\n\n\n10. Klue Supply Chain Breach Exposes OAuth Tokens and Salesforce Data\n\n\n\nOriginal URL: [https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026](https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026)\n\nSummary: A significant multi-stage supply chain breach has compromised the market intelligence SaaS platform Klue, leading to the unauthorized collection of active OAuth tokens and data exfiltration impacting approximately 200 client organizations. A threat group identified as Icarus gained initial entry by exploiting an inactive legacy administrative credential to inject malicious code directly into Klue’s core synchronization infrastructure. Armed with the stolen OAuth access tokens, the threat actors systematically pivoted to download sensitive CRM records from client environments, subsequently posting the data on a Tor leak site for double-extortion.\n\nKeywords: #SupplyChainAttack #OAuth #DataBreach #Salesforce #SaaS #ThreatIntelligence #Extortion #CloudSecurity\n\n\n11. Amazon Q Developer Extension Flaw Enables Cloud Credential Theft\n\n\n\nOriginal URL: [https://cisoseries.com/cybersecurity-news-cisas-cisco-deadline-chinas-mythos-competitor-amazon-q-flaw/](https://cisoseries.com/cybersecurity-news-cisas-cisco-deadline-chinas-mythos-competitor-amazon-q-flaw/)\n\nSummary: Security researchers at Wiz have publicly disclosed a high-severity flaw within Amazon\u2019s Q Developer AI-assisted coding extension for Visual Studio Code that opens developers up to immediate cloud credential theft. The underlying vulnerability stems from the extension’s behavior of automatically evaluating workspace configuration parameters without checking for manual user authorization when a new project folder is initialized. By enticing software engineers to clone an intentionally booby-trapped repository, attackers can force the IDE extension to execute automated system commands in the background to harvest local cloud access keys.\n\nKeywords: #AmazonQ #Wiz #Vulnerability #CloudSecurity #AISecurity #VSCode #DevSecOps #CredentialTheft\n\n\n12. Qihoo 360 Announces Tulongfeng Multi-Agent Swarm to Challenge US AI Security\n\n\n\nOriginal URL: [https://cisoseries.com/cybersecurity-news-cisas-cisco-deadline-chinas-mythos-competitor-amazon-q-flaw/](https://cisoseries.com/cybersecurity-news-cisas-cisco-deadline-chinas-mythos-competitor-amazon-q-flaw/)\n\nSummary: Chinese cybersecurity giant Qihoo 360 has unveiled its newest defensive security platform, dubbed “Tulongfeng,” engineered as an adversarial alternative to frontier American code evaluation tools like Anthropic’s Claude Mythos. Presented at the Beijing Cybersecurity Conference, the platform leverages a highly specialized multi-agent swarm trained exclusively on Qihoo’s massive internal repository of historical malware variants and software bugs. The developer team claims this custom architecture is finding critical vulnerabilities across open-source and enterprise-tier platforms at machine speeds, bypassing the computational overhead of generic LLMs.\n\nKeywords: #ArtificialIntelligence #Qihoo360 #Tulongfeng #VulnerabilityHunting #ZeroDay #TechGeopolitics #AIModel #Infosec\n\n\n13. KDDI Data Breach Impacts Up to 14.2 Million Accounts in Japan\n\n\n\nOriginal URL: [https://www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/](https://www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/)\n\nSummary: Major Japanese telecommunications operator KDDI Corporation has disclosed a massive data breach affecting up to 14.2 million email accounts spread across six distinct internet service providers (ISPs). Cybercriminals successfully compromised the systems by exploiting a newly identified software vulnerability within a shared third-party email administration module utilized by the networks. KDDI has patched the direct system vulnerability and is actively coordinating with data privacy authorities to notify impacted subscribers of potential credential theft and incoming phishing risks.\n\nKeywords: #DataBreach #TelecomSecurity #KDDI #DataPrivacy #JapanCyber #Vulnerability #SupplyChainRisk #EmailSecurity\n\n\n14. Active Exploitation Alert Issued for Cisco CUCM SSRF-RCE Flaw\n\n\n\nOriginal URL: [https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026](https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026)\n\nSummary: Threat monitors have issued an updated advisory following the rapid weaponization of CVE-2026-20230, a server-side request forgery (SSRF) flaw in Cisco’s Unified Communications Manager (CUCM). Within 24 hours of public exploitation proof-of-concepts, automated exploitation scripts were detected scanning the internet and actively dropping weaponized HTTP requests onto enterprise servers. Attackers are currently leveraging the unauthenticated flaw to write arbitrary system files directly onto endpoints, which can lead to localized remote code execution (RCE) and full communication server compromise.\n\nKeywords: #Cisco #CUCM #ExploitAlert #SSRF #RemoteCodeExecution #ZeroDay #PatchManagement #NetworkHardening\n\n\n15. JP Morgan Warns Cybersecurity Now Outpaces Credit Risks for Major US Banks\n\n\n\nOriginal URL: [https://uk.finance.yahoo.com/news/jp-morgan-warns-cybersecurity-bigger-110200388.html](https://uk.finance.yahoo.com/news/jp-morgan-warns-cybersecurity-bigger-110200388.html)\n\nSummary: In a comprehensive analytical briefing sent to institutional investors, JP Morgan’s European equity research group has warned that systemic cybersecurity threats now pose a fundamentally greater risk to banking stability than traditional credit default risks. The firm highlights that while conventional loan losses and asset risks are heavily modeled and calculated within current banking valuations, the financial and reputational liabilities of automated ransomware or infrastructure hacks remain dangerously understated. The report calls for regulatory bodies to introduce market valuation premiums for financial institutions that demonstrate quantifiable cyber-resilience frameworks.\n\nKeywords: #BankingSecurity #FinSec #JPMorgan #RiskManagement #Ransomware #FinancialServices #CyberEconomics #EnterpriseRisk\n", "creation_timestamp": "2026-06-29T13:00:47.391861Z"}, {"uuid": "8d812aaf-89ee-4d3b-9d23-5513f8cbda36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3mpgoavylnc2r", "content": "CVE-2026-20230 \u2014 Cisco Unified CM. SSRF WebDialer \u2192 file write arbitrario \u2192 RCE root. Unauthenticated, CVSS 8.6. PoC pubblico. CISA KEV, deadline FCEB scaduta ieri. Exploitation ancora attiva. #Cisco #CISA", "creation_timestamp": "2026-06-29T14:12:52.319643Z"}, {"uuid": "604af9a5-fdc9-432d-9bff-6d59df0151d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/trinacriatech.bsky.social/post/3mpgobtipkk2s", "content": "CVE-2026-20230 \u2014 Cisco Unified CM. SSRF WebDialer \u2192 file write arbitrario \u2192 RCE root. Unauthenticated, CVSS 8.6. PoC pubblico. CISA KEV, deadline FCEB scaduta ieri. Exploitation ancora attiva. #Cisco #CISA", "creation_timestamp": "2026-06-29T14:13:23.451228Z"}, {"uuid": "4d3a8d16-47b0-4eb8-b833-c2106341a193", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116834485468683687", "content": "\ud83d\udcf0 Attackers Actively Exploit Critical Cisco Unified CM Flaw to Deploy Webshells\n\u26a0\ufe0f ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/active-exploitation-of-critical-cisco-unified-cm-flaw-begins/?utm_source=mastodon&utm_medium\u2026", "creation_timestamp": "2026-06-29T17:06:16.611430Z"}, {"uuid": "c04b7cf1-c5e7-4082-a3d6-979bc73c6931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mpgxxn75ed2c", "content": "\u26a0\ufe0f ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-06-29T17:06:37.707404Z"}, {"uuid": "6ddd624c-21de-45cc-8f73-30eaa26e5221", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mphbse4y7c2f", "content": "\u300cCisco Unified CM\u300d\u306b\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u8106\u5f31\u6027 - \u5b9f\u8a3c\u30b3\u30fc\u30c9\u304c\u516c\u958b\u6e08\u307f\n\nCisco Systems\u306f\u3001IP\u96fb\u8a71\u3084\u30d3\u30c7\u30aa\u901a\u8a71\u306a\u3069\u3092\u7ba1\u7406\u3059\u308b\u4f01\u696d\u5411\u3051\u30b3\u30df\u30e5\u30cb\u30b1\u30fc\u30b7\u30e7\u30f3\u57fa\u76e4\u300cCisco Unified Communications Manager\u300d\u306b\u8106\u5f31\u6027\u304c\u5224\u660e\u3057\u305f\u3068\u3057\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u305f\u3002\u3059\u3067\u306b\u6982\u5ff5\u5b9f\u8a3c\u30b3\u30fc\u30c9\uff08PoC\uff09\u3082\u516c\u958b\u6e08\u307f\u3067\u3001\u91cd\u8981\u5ea6\u3092\u3082\u3063\u3068\u3082\u9ad8\u3044\u300c\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u300d\u3078\u30681\u6bb5\u968e\u5f15\u304d\u4e0a\u3052\u3001\u5229\u7528\u8005\u306b\u5bfe\u5fdc\u3092\u547c\u3073\u304b\u3051\u3066\u3044\u308b\u3002\n\n\u540c\u793e\u306f\u73fe\u5730\u6642\u95932026\u5e746\u67083\u65e5\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u3001\u30b5\u30fc\u30d0\u30b5\u30a4\u30c9\u30ea\u30af\u30a8\u30b9\u30c8\u30d5\u30a9\u30fc\u30b8\u30a7\u30ea\uff08SSRF\uff09\u306e\u8106\u5f31\u6027\u300cCVE-2026-20230...", "creation_timestamp": "2026-06-29T20:02:38.309541Z"}, {"uuid": "829271ef-0a60-41da-81a8-db18bbc800c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20230", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mphc5mbw2k2f", "content": "Cisco\u3001Unified CM\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027\u306b\u5bfe\u3059\u308b\u6982\u5ff5\u5b9f\u8a3c\uff08PoC\uff09\u304c\u5229\u7528\u53ef\u80fd\u306b\u306a\u3063\u305f\u3068\u8b66\u544a\n\nCVE-2026-20230\uff08CVSS\u30b9\u30b3\u30a28.6\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u30d0\u30b0\u306f\u3001\u7279\u5b9a\u306eHTTP\u30ea\u30af\u30a8\u30b9\u30c8\u306b\u304a\u3051\u308b\u5165\u529b\u304c\u9069\u5207\u306b\u691c\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u3053\u3068\u306b\u8d77\u56e0\u3057\u3001\u653b\u6483\u8005\u304c\u30b5\u30fc\u30d0\u30fc\u30b5\u30a4\u30c9\u30ea\u30af\u30a8\u30b9\u30c8\u30d5\u30a9\u30fc\u30b8\u30a7\u30ea\uff08SSRF\uff09\u653b\u6483\u3092\u5b9f\u884c\u3067\u304d\u308b\u3068\u3044\u3046\u3082\u306e\u3067\u3059\u3002\n\n\u300c\u653b\u6483\u8005\u306f\u3001\u7d30\u5de5\u3055\u308c\u305fHTTP\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30c7\u30d0\u30a4\u30b9\u306b\u9001\u4fe1\u3059\u308b\u3053\u3068\u3067\u3001\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u653b\u6483\u304c\u6210\u529f\u3059\u308b\u3068\u3001\u653b\u6483\u8005\u306f\u57fa\u76e4\u3068\u306a\u308b\u30aa\u30da\u30ec\u30fc\u30c6\u30a3\u30f3\u30b0\u30b7\u30b9\u30c6\u30e0\u306b\u30d5\u30a1\u30a4\u30eb\u3092\u66f8\u304d\u8fbc\u3080\u3053\u3068\u304c\u3067\u304d\u3001\u5f8c\u3067\u305d\u308c\u3092\u4f7f\u7528\u3057\u3066root\u6a29\u9650\u306b\u6607...", "creation_timestamp": "2026-06-29T20:08:57.295680Z"}]}