Live · Updated Daily

Vulnerability Priority Dashboard

A live vulnerability priority report, refreshed daily as new threats land – not a static weekly snapshot. The week’s top CVEs accumulate here, ranked by exploitation and CVSS. Filter by industry, see what to patch first, and follow step-by-step remediation advice.

Filter by industry
Week 3 of June 2026June 15 – 21

Latest Vulnerability Report

This week prioritizes three actively exploited vulnerabilities with confirmed KEV catalog status. CVE-2026-48907 (Joomla JCE) is maximum-severity and under active exploitation, with CISA enforcement deadline for federal agencies. Additionally, Microsoft's RoguePlanet Defender zero-day (CVE-2026-50656) is in patch development; patch availability status should be monitored closely.

11 critical9 high2 medium23 total tracked
11
critical
9
high
2
medium
23
total cves
📢 Analyst Guidance – Week 3 of June 2026
This week prioritizes three actively exploited vulnerabilities with confirmed KEV catalog status. CVE-2026-48907 (Joomla JCE) is maximum-severity and under active exploitation, with CISA enforcement deadline for federal agencies. Additionally, Microsoft's RoguePlanet Defender zero-day (CVE-2026-50656) is in patch development; patch availability status should be monitored closely.

Vulnerability Details & Remediation

Click any vulnerability to expand remediation steps.

CVECVSSExploitationEPSSAction
#1CVE-2026-10520Ivanti Sentry10 In the wild In CISA KEV60% · P99Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update from Ivanti
  2. Verify successful patch deployment across all affected systems
  3. Review authentication logs for suspicious activity

🔗 Official References

www.cisa.gov ↗github.com ↗hub.ivanti.com ↗
#2CVE-2026-35273Oracle PeopleSoft Enterprise PeopleTools9.8 In the wild In CISA KEV1% · P49Patch immediately

🛠 Remediation Steps

  1. Apply Oracle PeopleSoft Enterprise security patch
  2. Review Oracle security advisories for affected version guidance
  3. Prioritize patching systems accessible from external networks

🔗 Official References

www.oracle.com ↗www.cisa.gov ↗nvd.nist.gov ↗
#3CVE-2026-45247Mirasvit Full Page Cache Warmer9.8 In the wild In CISA KEV2% · P71Patch immediately

🛠 Remediation Steps

  1. Consult CISA Known Exploited Vulnerabilities catalog entry for full product and version details
  2. Apply vendor security patch
  3. Verify patch deployment across affected systems
  4. Review security logs for evidence of exploitation

🔗 Official References

www.imperva.com ↗www.vulncheck.com ↗sansec.io ↗
#4CVE-2026-48172LiteSpeed CPanel Plugin9.8 In the wild In CISA KEV1% · P65Patch immediately

🛠 Remediation Steps

  1. Apply the latest security patch from LiteSpeed for the cPanel Plugin immediately
  2. Verify that only authorized cPanel users have access to affected systems
  3. Review system logs for evidence of exploitation or unauthorized script execution
  4. Restrict cPanel administrative access to trusted networks where feasible

🔗 Official References

www.litespeedtech.com ↗www.litespeedtech.com ↗nvd.nist.gov ↗
#5CVE-2026-9082Drupal Core9.8 In the wild In CISA KEV34% · P98Patch immediately

🛠 Remediation Steps

  1. Update all supported Drupal Core versions to the latest patched release immediately
  2. Review database query logs for evidence of SQL injection attempts
  3. Ensure database user accounts are restricted to minimum required privileges
  4. Monitor for malicious activity on systems running affected Drupal versions

🔗 Official References

nvd.nist.gov ↗www.cisa.gov ↗
#6CVE-2026-50751Check Point Security Gateway9.3 In the wild In CISA KEV41% · P98Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update for Check Point Remote Access VPN / Mobile Access as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

support.checkpoint.com ↗blog.checkpoint.com ↗
TechnologyFinanceGovernmentDefense
#7CVE-2026-0257Palo Alto Networks PAN-OS9.1 In the wild In CISA KEV19% · P97Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update for Paloaltonetworks Pan-Os as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

security.paloaltonetworks.com ↗www.cisa.gov ↗
GovernmentTechnologyFinanceTransportation
#8CVE-2026-39813Fortinet Fortisandbox9.8 In the wild18% · P97Patch within 48 hours

🛠 Remediation Steps

  1. Apply the vendor security update for Fortinet Fortisandbox as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

fortiguard.fortinet.com ↗
FinanceTechnology
#9CVE-2026-39808Fortinet Fortisandbox9.8 In the wild66% · P99Patch within 48 hours

🛠 Remediation Steps

  1. Apply the vendor security update for Fortinet Fortisandbox as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

fortiguard.fortinet.com ↗github.com ↗
FinanceTechnology
#10CVE-2026-25089Fortinet FortiSandbox9.8 In the wild3% · P84Patch within 48 hours

🛠 Remediation Steps

  1. Apply the vendor security update for Fortinet FortiSandbox as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

fortiguard.fortinet.com ↗
FinanceTechnology
#11CVE-2026-42271BerriAI LiteLLM8.8 In the wild In CISA KEV54% · P99Patch immediately

🛠 Remediation Steps

  1. Check CISA's Known Exploited Vulnerabilities catalog for product-specific guidance
  2. Contact vendor for available security patches
  3. Apply patch or implement recommended mitigations from vendor advisory
  4. Verify patch installation and monitor for indicators of active exploitation

🔗 Official References

www.cisa.gov ↗github.com ↗github.com ↗
#12CVE-2026-11645Google Chromium V88.8 In the wild In CISA KEV1% · P49Patch immediately

🛠 Remediation Steps

  1. Update Google Chrome to version 149.0.7827.103 or later
  2. Enable automatic updates to receive future security patches promptly
  3. Check for and remove any suspicious browser extensions
  4. Clear browser cache and temporary files after patching

🔗 Official References

www.cisa.gov ↗issues.chromium.org ↗chromereleases.googleblog.com ↗
#13CVE-2026-54420LiteSpeed CPanel Plugin8.5 In the wild In CISA KEV1% · P46Patch immediately

🛠 Remediation Steps

  1. Apply the patch for the LiteSpeed cPanel user-end plugin to all cPanel servers
  2. Test patched plugin functionality in a staging environment before production deployment
  3. Review server logs for evidence of exploitation attempts
  4. Notify hosting customers of patch deployment timeline

🔗 Official References

www.cisa.gov ↗www.litespeedtech.com ↗blog.litespeedtech.com ↗
#14CVE-2025-48595Android Framework8.4 In the wild In CISA KEV<1% · P5Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update for Google Android as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

source.android.com ↗www.cisa.gov ↗
TechnologyGovernment
#15CVE-2026-20245Cisco Catalyst SD-WAN Manager7.8 In the wild In CISA KEV1% · P57Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update for Cisco as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

sec.cloudapps.cisco.com ↗sec.cloudapps.cisco.com ↗
TechnologyDefense
#16CVE-2022-0492Linux Kernel7.8 In the wild In CISA KEV5% · P92Patch immediately

🛠 Remediation Steps

  1. Identify Linux systems running vulnerable kernel versions
  2. Apply the latest stable kernel update from your distribution's repository
  3. Reboot systems to activate patched kernel
  4. Verify kernel version post-reboot using 'uname -r'
  5. Prioritize kernel patching for systems exposed to untrusted local users or containers

🔗 Official References

git.kernel.org ↗bugzilla.redhat.com ↗www.cisa.gov ↗
TechnologyGovernmentEnergy
#17CVE-2026-28318SolarWinds Serv-U7.5 In the wild In CISA KEV1% · P60Patch immediately

🛠 Remediation Steps

  1. Check CISA's Known Exploited Vulnerabilities catalog for product-specific guidance
  2. Contact vendor for available security patches
  3. Apply patch or implement recommended mitigations from vendor advisory
  4. Verify patch installation and monitor for indicators of active exploitation

🔗 Official References

www.cisa.gov ↗documentation.solarwinds.com ↗www.solarwinds.com ↗
#18CVE-2024-21182Oracle WebLogic Server7.5 In the wild In CISA KEV48% · P99Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update for Oracle Weblogic Server as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

www.oracle.com ↗www.oracle.com ↗
TechnologyGovernment
#19CVE-2026-20262Cisco Catalyst SD-WAN Manager6.5 In the wild In CISA KEV1% · P63Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security patch for Cisco Catalyst SD-WAN Manager
  2. Verify patch deployment across all SD-WAN Manager instances
  3. Monitor for suspicious authentication activity post-patch

🔗 Official References

www.cisa.gov ↗sec.cloudapps.cisco.com ↗www.cisa.gov ↗
#20CVE-2026-7473Arista Extensible Operating System5.8 In the wild In CISA KEV<1% · P29Patch immediately

🛠 Remediation Steps

  1. Apply the vendor security update from Arista
  2. Review network device access logs for unauthorized activity
  3. Restrict management access to network devices from trusted administrative networks

🔗 Official References

www.cisa.gov ↗www.arista.com ↗www.arista.com ↗
#21CVE-2026-48907Widget Factory Joomla Content Editor0 In the wild In CISA KEV5% · P91Patch immediately

🛠 Remediation Steps

  1. Apply security patch from Widget Factory/Joomla vendor immediately
  2. Disable the JCE plugin if patch is not immediately available
  3. Review access logs for evidence of exploitation attempts

🔗 Official References

www.joomlacontenteditor.net ↗www.joomlacontenteditor.net ↗www.cisa.gov ↗
#22CVE-2026-20253Splunk Enterprise9.8No exploitation reported2% · P75Patch within 48 hours

🛠 Remediation Steps

  1. Apply the vendor security update for Splunk Enterprise as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

🔗 Official References

advisory.splunk.com ↗
TechnologyFinance
#23CVE-2026-50656Microsoft Malware Protection Engine7.8No exploitation reported<1% · P30Patch this week

🛠 Remediation Steps

  1. Monitor Microsoft Security Updates and advisories for RoguePlanet patch release
  2. Plan immediate deployment upon patch availability
  3. Ensure Microsoft Defender update mechanisms are functioning on all endpoints
  4. Test patch in non-production environment before broad deployment if possible

🔗 Official References

github.com ↗msrc.microsoft.com ↗nvd.nist.gov ↗
🤖 Vulnerability data and remediation guidance are AI-generated from NVD, CISA KEV, and vendor advisories. Always verify remediation steps through official vendor documentation before applying changes to production systems.

Need this data programmatically? Every tracked CVE is available as a free JSON data feed – updated daily, no key required, CC BY 4.0.

Previous Reports

June 8 – 14

Week 2 of June 2026

Organizations should prioritize patching these vulnerabilities immediately — several are actively exploited in the wild and confirmed in CISA's KEV ca...

10 critical, 10 high
June 1 – 7

Week 1 of June 2026

Three verified CVEs dominated this week's reporting: one actively exploited Linux kernel vulnerability (CVE-2022-0492) now in CISA's Known Exploited V...

8 critical, 6 high
May 25 – 31

Week 22 of May 2026

This week's verified threat landscape is dominated by three actively exploited vulnerabilities affecting web platforms and infrastructure. CVE-2026-48...

3 critical, 0 high
May 18 – 24

Week 3 of May 2026

This week presents an exceptionally high-risk threat landscape with multiple critical vulnerabilities under active exploitation across infrastructure,...

0 critical, 2 high
May 11 – 17

Week 2 of May 2026

This week marks a significant surge in actively exploited vulnerabilities, with three critical flaws requiring immediate patching across IT infrastruc...

2 critical, 2 high
May 4 – 10

Week 1 of May 2026

This week presents an exceptionally high-risk threat landscape dominated by active exploitation campaigns and critical infrastructure vulnerabilities....

0 critical, 0 high
April 27 – May 3

Week 4 of April 2026

This week presents elevated risk from actively exploited vulnerabilities across network infrastructure, IoT devices, and enterprise software. Immediat...

3 critical, 7 high
April 20 – 26

Week 3 of April 2026

This week presents elevated risk across OT/ICS sectors with multiple critical RCE vulnerabilities in industrial control systems and emerging threats t...

5 critical, 8 high
April 13 – 19

Week 2 of April 2026

This week presents an elevated threat landscape dominated by actively exploited critical vulnerabilities in both IT and OT environments. Iranian-affil...

0 critical, 0 high
April 6 – 12

Week 1 of April 2026

This week presents elevated risk with five critical vulnerabilities actively exploited in the wild, including FortiClient EMS and video conferencing s...

0 critical, 0 high
March 30 – April 5

Week 5 of March 2026

This week reflects sustained critical threats across OT/ICS and enterprise systems with multiple actively exploited vulnerabilities. F5 BIG-IP APM (CV...

0 critical, 0 high
March 14–20

Week 3 of March 2026

This week demands immediate attention. Two actively exploited vulnerabilities (VMware ESXi and FortiOS) require emergency patching. Organizations usin...

0 critical, 0 high

Browse the full weekly report archive →

Need a vulnerability scanner? Compare Tenable, Qualys, Rapid7, OpenVAS & more →

Get Vulnerability Alerts

Subscribe for vulnerability priority updates and critical CVE alerts.

Data synthesized from publicly available vendor documentation, MITRE Engenuity ATT&CK Evaluations, AV-TEST, Gartner Peer Insights, G2/Capterra/TrustRadius, and anonymized transaction data (Vendr, CostBench). Read methodology →