ohio_k12_help_logo-xparent1-300x85
Login
ohio_k12_help_logo-xparent1-300x85
Login
Login

Cyber Security News

CIS Security Advisories

CIS Security News

CISA News

ISACA SmartBrief

RSS Cyber Security Advisories – MS-ISAC
  • Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution 2026-01-30
    Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile which could allow for remote code execution. Ivanti Endpoint Manager Mobile is a mobile management software engine that enables IT to set policies for mobile devices, applications and content. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the […]
  • Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Arbitrary Code Execution 2026-01-28
    Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk, the most severe of which could allow for arbitrary code execution. SolarWinds Web Help Desk (WHD) is a web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests, track IT assets, and offer self-service options to end-users. […]
  • A Vulnerability in Microsoft Office Could Allow for Security Feature Bypass 2026-01-27
    A vulnerability has been discovered in Microsoft Office which could allow for a security feature bypass. Microsoft Office is a suite of applications designed to help with productivity and completing common tasks on a computer. You can create and edit documents containing text and images, work with data in spreadsheets and databases, and create presentations […]
  • A Vulnerability in Cisco Unified Communications Products Could Allow for Remote Code Execution 2026-01-21
    A vulnerability has been discovered in Cisco Unified Communications Products which could allow for remote code execution. Cisco Unified Communications (UC) Products are an integrated suite of IP-based hardware and software that combine voice, video, messaging, and data into a single platform. Successful exploitation of this vulnerability could allow for remote code execution as root, […]
  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2026-01-14
    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe Bridge is a creative asset manager that lets you preview, organize, edit, and publish multiple creative assets quickly and easily.Adobe Dreamweaver is a web design integrated development environment (IDE) that is used to develop and design […]
  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2026-01-14
    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; […]
  • Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution 2026-01-13
    Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiSandbox is an advanced threat detection solution from Fortinet that uses sandboxing to analyze suspicious files and network traffic for advanced threats like zero-day malware and ransomware.FortiWeb is a web application firewall (WAF) that protects web applications […]
  • Critical Patches Issued for Microsoft Products, January 13, 2026 2026-01-13
    Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
  • Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2026-01-13
    Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.Mozilla Thunderbird ESR is a version […]
  • A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution. 2025-12-23
    A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for unauthenticated arbitrary code execution. WatchGuard Fireware is the proprietary operating system that powers WatchGuard's Firebox appliances. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the system. 
RSS Blog Feed – Center for Internet Security
RSS All CISA Advisories
  • Hitachi Energy XMC20 2026-02-05
    View CSAF Summary Hitachi Energy is aware of a vulnerability that affects XMC20 product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. Note: This is […]
    CISA
  • Ilevia EVE X1 Server 2026-02-05
    View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary shell commands and the disclosure of sensitive system information. The following versions of Ilevia EVE X1 Server are affected: EVE X1
    CISA
  • CISA Adds Two Known Exploited Vulnerabilities to Catalog 2026-02-05
    CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-11953 React Native Community CLI OS Command Injection Vulnerability CVE-2026-24423 SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the […]
    CISA
  • o6 Automation GmbH Open62541 2026-02-05
    View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition and memory corruption. The following versions of o6 Automation GmbH Open62541 are affected: Open62541 >=1.5-rc1|=1.5-rc1|
    CISA
  • Hitachi Energy FOX61x 2026-02-05
    View CSAF Summary Hitachi Energy is aware of a vulnerability that affects FOX61x product versions listed in this document. Successful exploitation of this vulnerability can lead to forgery attacks potentially causing impact on confidentiality, integrity and availability for the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. Note: This is […]
    CISA
  • Mitsubishi Electric MELSEC iQ-R Series 2026-02-05
    View CSAF Summary Successful exploitation of this vulnerability may allow an attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial-of-service condition on the affected product. The following versions of Mitsubishi Electric MELSEC iQ-R Series are affected: MELSEC iQ-R […]
    CISA
  • TP-Link Systems Inc. VIGI Series IP Camera 2026-02-05
    View CSAF Summary Successful exploitation of this vulnerability could result in unauthorized users gaining administrative access to affected closed circuit television cameras. The following versions of TP-Link Systems Inc. VIGI Series IP Camera are affected: VIGI Cx45 Series Models C345, C445
    CISA
  • CISA Adds Four Known Exploited Vulnerabilities to Catalog 2026-02-03
    CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2019-19006 Sangoma FreePBX Improper Authentication Vulnerability CVE-2021-39935 GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability CVE-2025-40551 SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability CVE-2025-64328 Sangoma FreePBX OS Command Injection Vulnerability  These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) […]
    CISA
  • Avation Light Engine Pro 2026-02-03
    View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to take full control of the device. The following versions of Avation Light Engine Pro are affected: Light Engine Pro vers:all/* (CVE-2026-1341) CVSS Vendor Equipment Vulnerabilities v3 9.8 Avation Avation Light Engine Pro Missing Authentication for Critical Function Background Critical Infrastructure Sectors: Commercial […]
    CISA
  • Mitsubishi Electric FREQSHIP-mini for Windows 2026-02-03
    View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to, modify, delete, or destroy information stored on the system where the affected product is installed, or cause a denial-of-service condition on the affected system. The following versions of Mitsubishi Electric FREQSHIP-mini for Windows are affected: FREQSHIP-mini for Windows […]
    CISA
RSS ISACA SmartBrief on Cybersecurity
Ohio Department of Education & Workforce
MS-ISAC
CIS-Logo
Management Council Logo