ohio_k12_help_logo-xparent1-300x85
Login
ohio_k12_help_logo-xparent1-300x85
Login
Login

Cyber Security News

CIS Security Advisories

CIS Security News

CISA News

ISACA SmartBrief

RSS Cyber Security Advisories – MS-ISAC
  • Multiple Vulnerabilities in Cisco Catalyst SD-WAN Products Could Allow for Authentication Bypass 2026-02-26
    Multiple vulnerabilities have been discovered in Cisco Catalyst SD-WAN products, the most severe of which could allow for authentication bypass. Cisco Catalyst SD-WAN (formerly Viptela) is a secure, cloud-delivered software-defined WAN architecture that optimizes application performance by intelligently routing traffic over any combination of transport links (MPLS, broadband, LTE). Successful exploitation of the most severe […]
  • A Vulnerability in Dell RecoverPoint for Virtual Machines Could Allow for Arbitrary Code Execution 2026-02-18
    A vulnerability has been discovered in Dell RecoverPoint for Virtual Machines which could allow for arbitrary code execution. Dell RecoverPoint for Virtual Machines is an enterprise-grade solution for VMware Virtual Machines (VMs) enabling local, remote, and concurrent local and remote replication with continuous cyber resilience for on premises recovery to any point-in time (PiT).Successful exploitation […]
  • A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 2026-02-18
    A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of the vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create […]
  • Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Authentication Bypass 2026-02-10
    Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for authentication bypass. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation of the most severe of these vulnerabilities could a remote unauthenticated attacker to leak specific stored credential data.
  • Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution 2026-02-10
    Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution.FortiAuthenticator is a centralized identity and access management (IAM) solution that secures network access by managing user identities, Multi-Factor Authentication (MFA), and certificate management.FortiClientEMS is a centralized management platform for deploying, configuring, monitoring, and enforcing security policies […]
  • Critical Patches Issued for Microsoft Products, February 10, 2026 2026-02-10
    Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2026-02-10
    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe After Effects is a digital effects, motion graphics, and compositing application.Adobe Audition is a comprehensive toolset that includes multitrack, waveform, and spectral display for creating, mixing, editing, and restoring audio content.Adobe Bridge is a creative asset […]
  • Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution 2026-01-30
    Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile which could allow for remote code execution. Ivanti Endpoint Manager Mobile is a mobile management software engine that enables IT to set policies for mobile devices, applications and content. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the […]
  • Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Arbitrary Code Execution 2026-01-28
    Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk, the most severe of which could allow for arbitrary code execution. SolarWinds Web Help Desk (WHD) is a web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests, track IT assets, and offer self-service options to end-users. […]
  • A Vulnerability in Microsoft Office Could Allow for Security Feature Bypass 2026-01-27
    A vulnerability has been discovered in Microsoft Office which could allow for a security feature bypass. Microsoft Office is a suite of applications designed to help with productivity and completing common tasks on a computer. You can create and edit documents containing text and images, work with data in spreadsheets and databases, and create presentations […]
RSS Blog Feed – Center for Internet Security
RSS All CISA Advisories
  • Johnson Controls, Inc. Frick Controls Quantum HD 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities can lead to pre-authentication remote code execution, information leak or denial of service. The following versions of Johnson Controls, Inc. Frick Controls Quantum HD are affected: Frick Controls Quantum HD
    CISA
  • EV2GO ev2go.io 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate traffic to cause large-scale denial of service, and manipulate data sent to the backend. The following versions of EV2GO ev2go.io are affected: ev2go.io vers:all/* (CVE-2026-24731, CVE-2026-25945, CVE-2026-20895, CVE-2026-22890) CVSS Vendor Equipment Vulnerabilities v3 9.4 […]
    CISA
  • SWITCH EV swtchenergy.com 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate traffic to cause large-scale denial of service, and manipulate data sent to the backend. The following versions of SWITCH EV swtchenergy.com are affected: swtchenergy.com vers:all/* (CVE-2026-27767, CVE-2026-25113, CVE-2026-25778, CVE-2026-27773) CVSS Vendor Equipment Vulnerabilities v3 […]
    CISA
  • Mobility46 mobility46.se 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. The following versions of Mobility46 mobility46.se are affected: mobility46.se vers:all/* (CVE-2026-27028, CVE-2026-26305, CVE-2026-27647, CVE-2026-22878) CVSS Vendor Equipment Vulnerabilities v3 9.4 Mobility46 Mobility46 mobility46.se Missing Authentication for Critical Function, […]
    CISA
  • CloudCharge cloudcharge.se 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate traffic to cause large-scale denial of service, and manipulate data sent to the backend. The following versions of CloudCharge cloudcharge.se are affected: cloudcharge.se vers:all/* (CVE-2026-20781, CVE-2026-25114, CVE-2026-27652, CVE-2026-20733) CVSS Vendor Equipment Vulnerabilities v3 9.4 […]
    CISA
  • EV Energy ev.energy 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. The following versions of EV Energy ev.energy are affected: ev.energy vers:all/* (CVE-2026-27772, CVE-2026-24445, CVE-2026-26290, CVE-2026-25774) CVSS Vendor Equipment Vulnerabilities v3 9.4 EV Energy EV Energy ev.energy Missing Authentication […]
    CISA
  • Copeland XWEB and XWEB Pro 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, cause a denial-of-service condition, cause memory corruption, and execute arbitrary code. The following versions of Copeland XWEB and XWEB Pro are affected: XWEB 300D PRO
    CISA
  • Pelco, Inc. Sarix Pro 3 Series IP Cameras 2026-02-26
    View CSAF Summary Successful exploitation of this vulnerability could allow attackers to gain unauthorized access to sensitive device data, bypass surveillance controls, and expose facilities to privacy breaches, operational risks, and regulatory compliance issues. The following versions of Pelco, Inc. Sarix Pro 3 Series IP Cameras are affected: Sarix Professional IMP 3 Series
    CISA
  • Yokogawa CENTUM VP R6, R7 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to terminate the software stack process, cause a denial-of-service condition, or execute arbitrary code. The following versions of Yokogawa CENTUM VP R6, R7 are affected: Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300)
    CISA
  • Chargemap chargemap.com 2026-02-26
    View CSAF Summary Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. The following versions of Chargemap chargemap.com are affected: chargemap.com vers:all/* (CVE-2026-25851, CVE-2026-20792, CVE-2026-25711, CVE-2026-20791) CVSS Vendor Equipment Vulnerabilities v3 9.4 Chargemap Chargemap chargemap.com Missing Authentication for Critical Function, […]
    CISA
RSS ISACA SmartBrief on Cybersecurity
Ohio Department of Education & Workforce
MS-ISAC
CIS-Logo
Management Council Logo