The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them. I don’t vouch for any links in this list: follow them with caution.

CVE-2026-50656 NEW

• Severity: 7.8 HIGH
• Impacted Products: Microsoft Defender
• Description: Microsoft Defender is affected by a race condition vulnerability that allows an attacker to escalate privileges to SYSTEM level. This flaw enables the execution of arbitrary code or unauthorized actions on the affected Windows system.
• Remediation:
  • Microsoft Defender Elevation of Privilege Vulnerability
• More Info: NVD - CVE-2026-50656
• PoC:
  • https://github.com/0xBlackash/CVE-2026-50656

CVE-2026-47729 NEW

• Severity: 6.5 MEDIUM
• Impacted Products: Squid
• Description: Squid is affected by an out-of-bounds read vulnerability in its FTP gateway component that allows for the disclosure of sensitive information from unrelated transactions. This flaw occurs when a client accesses a malicious or misbehaving FTP server through the Squid gateway.
• Remediation:
  • oss-sec: Squid CVE-2026-47729 and CVE-2026-50012
  • [SECURITY] [DSA 6360-1] squid security update
  • SQUID-2026:4 Memory disclosure in FTP gateway · Advisory · squid-cache/squid · GitHub
• More Info: NVD - CVE-2026-47729
• PoC:
  • https://github.com/0xBlackash/CVE-2026-47729

CVE-2026-45447 NEW

• Severity: 9.8 CRITICAL
• Impacted Products: OpenSSL
• Description: OpenSSL is affected by a use-after-free vulnerability in its PKCS#7 verification logic that can lead to remote code execution. This occurs when processing specially crafted messages containing an empty ASN.1 SET in the digestAlgorithms field.
• Remediation:
  • Security Bulletin: Multiple Vulnerabilities in IBM Operator for PostgreSQL
  • [R2] Tenable Identity Exposure Version 3.93.5 Fixes Multiple Vulnerabilities - Security Advisory | Tenable®
  • OpenSSL Security Advisory [9th June 2026]
• More Info: NVD - CVE-2026-45447
• PoC:
  • https://github.com/HORKimhab/CVE-2026-45447
  • https://github.com/0xBlackash/CVE-2026-45447

CVE-2026-33017

• Severity: 9.8 CRITICAL
• Impacted Products: Langflow versions prior to 1.9.0
• Description: Langflow is affected by an unauthenticated remote code execution vulnerability in its public flow build endpoint. An attacker can exploit this by submitting a crafted HTTP POST request containing malicious Python code within node definitions.
• Remediation:
  • https://github.com/langflow-ai/langflow/commit/73b6612e3ef25fdae0a752d75b0fabd47328d4f0
• More Info: NVD - CVE-2026-33017
• PoC:
  • https://github.com/rootdirective-sec/CVE-2026-33017-Lab
  • https://github.com/z4yd3/PoC-CVE-2026-33017
  • https://github.com/advisories/GHSA-vwmf-pq79-vjvx

CVE-2026-20245

• Severity: 7.8 HIGH
• Impacted Products: Cisco Catalyst SD-WAN Manager
• Description: Cisco Catalyst SD-WAN Manager is affected by a command injection vulnerability in its command-line interface (CLI) that allows an authenticated, local attacker to execute arbitrary commands with root privileges. The issue stems from insufficient validation of user-supplied input when processing files uploaded to the system.
• Remediation:
  • Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
  • Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
• More Info: NVD - CVE-2026-20245
• PoC:
  • https://github.com/fevar54/CVE-2026-20245---Cisco-SD-WAN-Privilege-Escalation-Exploit
  • https://github.com/0xBlackash/CVE-2026-20245
  • https://github.com/HORKimhab/CVE-2026-20245

CVE-2026-55200 NEW

• Severity: 8.1 HIGH
• Impacted Products: libssh2 1.11.1
• Description: libssh2 is affected by an out-of-bounds write vulnerability in the ssh2_transport_read() function that allows for remote code execution. This flaw exists due to a failure to enforce upper bounds on the packet_length field during SSH packet processing.
• Remediation:
  • oss-sec: libssh2: CVE-2026-55200 (critical), CVE-2025-15661 (high), CVE-2026-55199 (high)
  • [SECURITY] [DSA 6365-1] libssh2 security update
  • exploitarium/libssh2-cve-2026-55200-poc at main · bikini/exploitarium · GitHub
• More Info: NVD - CVE-2026-55200
• PoC:
  • https://github.com/0xBlackash/CVE-2026-55200

CVE-2026-53753 NEW

• Severity: 9.8 CRITICAL
• Impacted Products: unclecode crawl4ai < 0.4.247
• Description: unclecode crawl4ai is affected by an Abstract Syntax Tree (AST) sandbox escape vulnerability in versions prior to 0.4.247 that allows for remote code execution. This flaw exists because user-supplied strings in computed fields are passed to a vulnerable evaluation function with insufficient input validation.
• Remediation:
  • AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API · Advisory · unclecode/crawl4ai · GitHub
• More Info: NVD - CVE-2026-53753
• PoC:
  • https://github.com/unclecode/crawl4ai/security/advisories/GHSA-qxjp-w3pj-48m7
  • https://github.com/unclecode/crawl4ai/pull/1855

CVE-2026-46331 NEW

• Severity: 7.8 HIGH
• Impacted Products: Linux kernel
• Description: The Linux kernel is affected by an out-of-bounds write vulnerability in the traffic control packet editing (pedit) subsystem. This flaw allows a local attacker to corrupt page cache memory, potentially leading to privilege escalation or a system crash.
• Remediation:
  • Important: kernel security, bug fix, and enhancement update
  • Important: kernel security, bug fix, and enhancement update
  • Important: kernel-rt security, bug fix, and enhancement update
• More Info: NVD - CVE-2026-46331
• PoC:
  • https://github.com/0xBlackash/CVE-2026-46331
  • https://github.com/HORKimhab/CVE-2026-46331

CVE-2026-46243 NEW

• Severity: 7.1 HIGH
• Impacted Products: Linux Kernel, cifs-utils
• Description: The Linux Kernel and cifs-utils are affected by a local privilege escalation vulnerability where the cifs.upcall helper incorrectly trusts user-supplied key descriptions. An unprivileged attacker can exploit this flaw to execute arbitrary code with root privileges.
• Remediation:
  • Important: kernel security update
  • Important: kernel-rt security update
  • Important: kernel security update
• More Info: NVD - CVE-2026-46243
• PoC:
  • https://github.com/MrForkBomb/CIFSwitch-Checker-CVE-2026-46243

CVE-2026-45504 NEW

• Severity: 8.8 HIGH
• Impacted Products: Microsoft Exchange Server
• Description: Microsoft Exchange Server is affected by a Server-Side Request Forgery (SSRF) vulnerability that allows an authenticated attacker to escalate privileges and access unauthorized data. This flaw enables a user to gain access to other mailboxes or read arbitrary files from the server.
• Remediation:
  • Microsoft Exchange Server Elevation of Privilege Vulnerability
  • Microsoft KB 5094139
  • Microsoft KB 5094140
• More Info: NVD - CVE-2026-45504
• PoC:
  • https://github.com/hawktrace/CVE-2026-45504

CVE-2026-42530 NEW

• Severity: 8.1 HIGH
• Impacted Products: NGINX Open Source
• Description: NGINX Open Source is affected by a use-after-free vulnerability in the ngx_http_v3_module when configured to use the HTTP/3 QUIC module. A remote, unauthenticated attacker, along with conditions beyond their control, can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream, potentially leading to a denial of service or arbitrary code execution.
• Remediation:
  • RHSA-2026:20351 - Security Advisory - Red Hat Customer Portal
  • Out-of-band Security Notification (June 17, 2026)
  • NGINX ngx_http_v3_module vulnerability CVE-2026-42530
• More Info: NVD - CVE-2026-42530
• PoC:
  • https://github.com/v4ltonn/CVE-2026-42530
  • https://github.com/HORKimhab/CVE-2026-42530
  • https://github.com/0xBlackash/CVE-2026-42530

CVE-2020-1938

• Severity: 9.8 CRITICAL
• Impacted Products: Apache Tomcat
• Description: A vulnerability exists within the AJP Connector in Tomcat because the default configuration allows AJP connections to have higher trust and it is also enabled to listen on all configured IP addresses. Apache wrote that the risks were previously documented and they recommended steps to disable the Connector if it wasn’t required.
• Remediation:
  • 6153231
  • 6202740
  • 6208608
• More Info: NVD - CVE-2020-1938
• PoC:
  • https://github.com/duckpigdog/Tomcat-AJP-CVE-2020-1938
  • https://www.exploit-db.com/exploits/48143
  • https://www.exploit-db.com/exploits/49039

CVE-2026-8461 NEW

• Severity: 8.8 HIGH
• Impacted Products: FFmpeg
• Description: FFmpeg is affected by a heap out-of-bounds write vulnerability in the MagicYUV decoder within the libavcodec library, which can lead to remote code execution or denial of service. This flaw is triggered when the application processes specially crafted media files containing misaligned slice height parameters.
• Remediation:
  • [SECURITY] [DSA 6361-1] ffmpeg security update
  • #23159 - avcodec/magicyuv: reject slice_height misaligned with chroma vshift - FFmpeg/FFmpeg - FFmpeg Forgejo
• More Info: NVD - CVE-2026-8461
• PoC:
  • https://github.com/0xBlackash/CVE-2026-8461
  • https://github.com/anyanything/CVE-2026-8461-PoC
  • https://github.com/HORKimhab/CVE-2026-8461

CVE-2026-20182 NEW

• Severity: 10.0 CRITICAL
• Impacted Products: Cisco Catalyst SD-WAN Controller, Cisco Catalyst SD-WAN Manager
• Description: Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager are affected by an authentication bypass vulnerability in the peering authentication mechanism. This flaw allows a remote, unauthenticated attacker to gain administrative access and manipulate network configurations.
• Remediation:
  • Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
• More Info: NVD - CVE-2026-20182
• PoC:
  • https://github.com/HORKimhab/CVE-2026-20182
  • https://github.com/fangbarristerbar/CVE-2026-20182-POC
  • https://github.com/portbuster1337/CVE-2026-20182

CVE-2026-20127

• Severity: 10.0 CRITICAL
• Impacted Products: Cisco Catalyst SD-WAN Controller, Cisco Catalyst SD-WAN Manager
• Description: Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager are affected by an authentication bypass vulnerability in the peering authentication mechanism. This flaw allows an unauthenticated remote attacker to gain administrative privileges and manipulate network configurations by sending crafted requests to the system.
• Remediation:
  • Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
• More Info: NVD - CVE-2026-20127
• PoC:
  • https://github.com/Dimchuk/CVE-2026-20127-chain

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.