← Back to Vulnerability Reports

Vulnerability Priority Report – Week 1 of June 2026

📅 June 1 – 7🟢 Live · updated 2026-06-0514 CVEs tracked this week

Analyst Guidance

Three verified CVEs dominated this week's reporting: one actively exploited Linux kernel vulnerability (CVE-2022-0492) now in CISA's Known Exploited Vulnerabilities catalog, one proof-of-concept released for Cisco Unified Communications Manager (CVE-2026-20230), and. Organizations should prioritize patching the Cisco SSRF flaw immediately given public PoC availability, and apply kernel security updates to mitigate the Linux privilege escalation.

CVE Details & Remediation

How to read this report
Verified facts — NVD & CISA KEV Partially verified — awaiting NVD enrichment AI analysis — synthesis, verify before acting
Actionable · Verified facts
NVD-published · CISA KEV cross-checked

🛡️CVE-2026-45247 – Mirasvit Full Page Cache Warmer ✓ NVD

CVSS9.8 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS6% · P91
ActionPatch immediately

Remediation Steps

  1. Contact the vendor for patch availability and deployment instructions
  2. Review CISA Known Exploited Vulnerabilities catalog entry for product-specific mitigations
  3. Assess exposure of affected systems in your environment
  4. Plan deployment within security change management procedures

References:

🛡️CVE-2026-39987 – Marimo ✓ NVD

CVSS9.8 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS81% · P99
ActionPatch immediately
AffectedTechnology

Remediation Steps

  1. Apply the vendor patch for Marimo immediately
  2. Audit internet-exposed Marimo notebook instances and restrict access to trusted networks
  3. Review access logs for unauthorized changes to notebooks or credential extraction
  4. Rotate all cloud credentials and API keys stored in or accessible via Marimo instances
  5. Implement network segmentation to isolate notebook environments from sensitive systems

References:

🛡️CVE-2026-48172 – Litespeedtech Litespeed Cpanel Plugin ✓ NVD

CVSS9.8 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS8% · P92
ActionPatch immediately

Remediation Steps

  1. Apply the latest security patch from LiteSpeed for the cPanel Plugin immediately
  2. Verify that only authorized cPanel users have access to affected systems
  3. Review system logs for evidence of exploitation or unauthorized script execution
  4. Restrict cPanel administrative access to trusted networks where feasible

References:

🛡️CVE-2026-9082 – Drupal Drupal ✓ NVD

CVSS9.8 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS8% · P92
ActionPatch immediately

Remediation Steps

  1. Update all supported Drupal Core versions to the latest patched release immediately
  2. Review database query logs for evidence of SQL injection attempts
  3. Ensure database user accounts are restricted to minimum required privileges
  4. Monitor for malicious activity on systems running affected Drupal versions

References:

🛡️CVE-2026-0257 – Paloaltonetworks Pan-Os ✓ NVD

CVSS9.1 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS46% · P98
ActionPatch immediately
AffectedGovernment Technology Finance Transportation

Remediation Steps

  1. Apply the vendor security update for Paloaltonetworks Pan-Os as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2025-8088 – Rarlab Winrar ✓ NVD

CVSS8.8 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS11% · P93
ActionPatch immediately
AffectedTechnology Government

Remediation Steps

  1. Apply the vendor security update for Rarlab Winrar as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2025-48595 – Google Android ✓ NVD

CVSS8.4 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS0% · P61
ActionPatch immediately
AffectedTechnology Government

Remediation Steps

  1. Apply the vendor security update for Google Android as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2022-0492 – Linux Kernel ✓ NVD

CVSS7.8 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS29% · P97
ActionPatch immediately
AffectedTechnology Government

Remediation Steps

  1. Apply the latest Linux kernel security updates from your distribution
  2. Prioritize systems exposed to untrusted local users
  3. Verify kernel version post-patch to confirm remediation
  4. Test in non-production environments before deploying to critical systems

References:

🛡️CVE-2024-21182 – Oracle Weblogic Server ✓ NVD

CVSS7.5 NVD 3.1
StatusActive Exploit
Exploitation In the wild In CISA KEV
EPSS90% · P100
ActionPatch immediately
AffectedTechnology Government

Remediation Steps

  1. Apply the vendor security update for Oracle Weblogic Server as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2026-8206 – WordPress Kirki Plugin ✓ NVD

CVSS9.8 NVD 3.1
StatusUnder Review
ExploitationNo exploitation reported
EPSS0% · P30
ActionPatch within 48 hours
AffectedTechnology Government

Remediation Steps

  1. Apply the vendor security update for WordPress Kirki Plugin as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2026-8732 – WP Maps Pro (WordPress plugin) ✓ NVD

CVSS9.8 NVD 3.1
StatusUnder Review
ExploitationNo exploitation reported
EPSS0% · P27
ActionPatch within 48 hours
AffectedTechnology Government

Remediation Steps

  1. Apply the vendor security update for WP Maps Pro (WordPress plugin) as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2026-41089 – Microsoft Windows Server 2012 ✓ NVD

CVSS9.8 NVD 3.1
StatusUnder Review
ExploitationNo exploitation reported
EPSS0% · P26
ActionPatch within 48 hours
AffectedTechnology Government

Remediation Steps

  1. Apply the vendor security update for Microsoft Windows Server 2012 as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🛡️CVE-2026-20230 – Cisco Unified Communications Manager ✓ NVD

CVSS8.6 NVD 3.1
StatusPoC Available
Exploitation PoC published
EPSS0% · P5
ActionPatch within 48 hours
AffectedTechnology

Remediation Steps

  1. Apply the vendor patch from Cisco PSIRT immediately
  2. Restrict network access to Unified Communications Manager to trusted internal networks only
  3. Monitor for authentication logs indicating unauthorized file write attempts
  4. Validate systems are running patched versions before re-enabling external access

References:

🛡️CVE-2026-23479 – Redis Redis ✓ NVD

CVSS8.8 NVD 3.1
StatusUnder Review
ExploitationNo exploitation reported
EPSS0% · P28
ActionPatch this week
AffectedTechnology Energy Government

Remediation Steps

  1. Apply the vendor security update for Redis as a priority.
  2. Restrict network exposure of the affected service to trusted sources until patched.
  3. Review logs and detections for indicators of exploitation.
  4. Confirm fixed versions against the official vendor advisory before deploying.

References:

🤖 This vulnerability report was compiled by defend.network using AI-powered analysis of vulnerability databases, vendor advisories, and threat intelligence feeds. Always verify remediation steps through official vendor channels before implementing changes in production environments.

Get Vulnerability Priority Updates

Subscribe free and stay on top of critical patches.