Emerging BETA · EXPERIMENTAL RSS ↗
Emerging is a BETA feed that watches a curated set of trusted security-news outlets and links what they report to the 629 products IsItPatched tracks — often ahead of full NVD enrichment. Every item is attributed to its source and links out; IsItPatched never asserts its own findings here. Right now it surfaces 120 machine-linked reports, 19 describing active exploitation.
⚠ Items are machine-linked third-party reporting and may be wrong. Each shows its source and links out — we never assert our own findings here. Treat low-confidence items as leads, and always verify against the source and the vendor advisory.
120
linked reports · last 45 days
19
describing active exploitation
74
CVEs referenced
See news about the software you run Add your products to My Stack and Emerging flags reporting that hits them — a violet node on the graph, “you run this” on the feed.
Open My Stack → Sign in free → Wednesday 17 June
Hackers Abuse Cloud Logging Services to Evade Detection and Defender’s Visibility
27-Year-Old OpenBSD Vulnerability Allows Attackers to Bypass PAP Authentication Entirely
Hackers Use Fake Software Update Prompts to Steal Passwords and Crypto Wallet Data From macOS Users
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
No items match.
Unlock the full newsroom — free 115 more linked reports, the live Connections graph, filters, and “you run this” flags on software in your stack.
Sign in free → or RSS ↗ Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities
CVE-2026-35433 .NET Elevation of Privilege Vulnerability
CVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability
CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability
Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
Microsoft working on Defender patch for RoguePlanet zero-day
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Python dev saved from disaster by intuition... and AI
New Rokarolla Android malware targets 217 banking, crypto apps
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability
CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP
Rockwell Automation RSLinx
Rockwell Automation FLEX I/O EtherNet/IP Adapters
Rockwell Automation FactoryTalk Analytics PavilionX
CISA Adds One Known Exploited Vulnerability to Catalog
CISA warns of another cPanel plugin flaw exploited in attacks
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities (Severity: MEDIUM)
CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway (Severity: MEDIUM)
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
ZDI-26-360: MATE Desktop Atril Document Viewer EPUB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-359: Samsung rlottie Numeric Truncation Remote Code Execution Vulnerability
ZDI-26-358: Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability
ZDI-26-357: Allegra exportReport Directory Traversal Information Disclosure Vulnerability
ZDI-26-356: Apache HTTP Server mod_proxy_ajp Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI (Severity: MEDIUM)
Bug Bounty Research Triggers ServiceNow Security Alert
CVE-2026-0271 Prisma Access Agent: Local Privilege Escalation by Authorized Users (Severity: MEDIUM)
CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI) (Severity: MEDIUM)
CVE-2026-0270 Cortex XSOAR: Path Traversal Vulnerability (Severity: MEDIUM)
CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS (Severity: MEDIUM)
CVE-2026-0269 PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing (Severity: MEDIUM)
CVE-2026-0268 Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux (Severity: MEDIUM)
CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration (Severity: HIGH)
CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface (Severity: LOW)
Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Langflow Vulnerability CVE-2026-5027 Exploited for Unauthenticated RCE
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry
ZDI-26-355: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-328: ASUS MyASUS Origin Validation Error Local Privilege Escalation Vulnerability
GitLab patch release notes
GitLab Patch Release: 19.0.2, 18.11.5, 18.10.8
SVD-2026-0610: Third-Party Package Updates in Splunk Enterprise - June 2026
SVD-2026-0609: Improper Access Control in Splunk Enterprise
SVD-2026-0608: Stored Cross-Site Scripting (XSS) through Classic Dashboard in Splunk Enterprise
SVD-2026-0607: Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise
SVD-2026-0606: Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise
SVD-2026-0605: Improper Input Validation through Classic Dashboards in Splunk Enterprise
SVD-2026-0604: Information Disclosure through External Content Restriction Bypass in Splunk Enterprise
SVD-2026-0603: Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
SVD-2026-0602: Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
CISA Adds Three Known Exploited Vulnerabilities to Catalog
ZDI-26-354: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-353: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-352: Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability
ZDI-26-351: Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-350: Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-26-349: Adobe Acrobat Pro DC Annots.api Use-After-Free Remote Code Execution Vulnerability
ZDI-26-348: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
ZDI-26-347: Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability
ZDI-26-346: Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
ZDI-26-345: Adobe Acrobat Reader DC Font Handling Use-After-Free Remote Code Execution Vulnerability
ZDI-26-344: Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)
Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum
B&R PPT30 Operating System
NAVTOR NavBox
Cisco Webex Meetings Cross-Site Scripting Vulnerability
Linux Kernel vulnerability Dirty Frag
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities (Severity: HIGH)
Zoom CISO: AI as a Security Enabler, Not Role-Replacer
CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities (Severity: MEDIUM)
CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)
CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation
Metasploit Wrap Up 05/29/2026
Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching (Severity: MEDIUM)
CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B) (Severity: MEDIUM)
CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability (Severity: MEDIUM)
CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface (Severity: MEDIUM)
CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing (Severity: HIGH)
Extending EOL/EOS Software Intelligence Across Containers, Kubernetes, and Modern Workloads
GitLab Patch Release: 18.9.8, 18.8.10, 18.7.7, 18.6.8, 18.5.7
GitLab Patch Release: 19.0.1, 18.11.4, 18.10.7
CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path
SVD-2026-0516: Third-Party Package Updates in Splunk Add-on for Tomcat App - May 2026
SVD-2026-0511: Third-Party Package Updates in Splunk AppDynamics Python Agent - May 2026
SVD-2026-0505: Third-Party Package Updates in Splunk Enterprise - May 2026
SVD-2026-0504: Denial of Service through coldToFrozen.sh Script in Splunk Enterprise
SVD-2026-0503: Sensitive Information Disclosure through Log Files in Splunk Enterprise
Cisco Catalyst SD-WAN Manager Vulnerabilities
Linux Kernel Vulnerability copy.fail - CVE-2026-31431
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
How this week’s reporting connects — 22 products, 43 CVEs and 15 sources. Lines are attributed links from the items above; positions are illustrative. Tap a node to open it. Violet = software in your stack.
In your stack Product CVE CVE (exploited) Source
Prefer the list? Switch back to . The graph is a visual aid; the timeline above carries every item with full attribution.
About this BETA
Emerging ingests only a hard-coded allow-list of trusted outlets — first-party vendor advisories (Microsoft MSRC, Cisco PSIRT, Fortinet, Palo Alto, Ivanti), security research (Google Project Zero, Rapid7, Qualys) and established reporting (CISA, Krebs on Security, BleepingComputer, The Hacker News, SecurityWeek, Dark Reading, The Register) — no open-web crawl, no social feeds, no user submissions. We store and show only a headline, the source, the time, an outbound link and (where available) a short own-words takeaway — never article text. Links between a report and a product or CVE are made by software and carry a confidence level; they can be wrong. This is an early experiment in linking breaking reporting to the software you actually run — tell us when we get a link wrong →.
Newest first · refreshes on every sync · sources retain all rights to their reporting. See our disclaimer.