A public proof-of-concept has been released for a critical flaw in libssh2 (CVE-2026-55200), the client-side SSH library embedded in curl, Git, PHP, backup agents, firmware updaters, and countless appliances. A malicious or compromised SSH server can send a crafted packet that corrupts memory on the connecting client, with no credentials or user interaction needed, potentially leading to code execution. Rated 9.2, the bug affects all versions through 1.11.1. The fix was merged into the source on June 12, but no tagged release exists yet, so distributions are backporting it. The hardest part is that libssh2 is often statically bundled, so package updates miss those copies entirely.
Attackers are actively exploiting a critical flaw in PTC Windchill and FlexPLM, product lifecycle management software widely used across automotive, aerospace, defense, and manufacturing to store designs, engineering data, and intellectual property. The bug (CVE-2026-12569) is an unsafe deserialization issue that lets an unauthenticated attacker run code remotely by sending a crafted request. PTC patched it in mid-June, but has since reported heightened activity, with attackers deploying JSP web shells for command execution and data theft. CISA added it to its Known Exploited Vulnerabilities catalog, the first-ever PTC product to be listed, with a federal deadline of June 28. PTC has published indicators of compromise.
Wiz Research found a high-severity flaw in Amazon Q Developer, Amazon's AI coding assistant, that let a malicious code repository run commands and steal a developer's cloud credentials simply by being opened. The bug (CVE-2026-12957) lay in how Amazon Q handled Model Context Protocol servers: it read an MCP configuration file from the open workspace and automatically launched the servers it defined. Because those servers run as local processes that inherit the developer's full environment, a single config file committed to a repo could reach AWS keys, cloud tokens, API secrets, and SSH agent sockets, turning a git clone into a full compromise. Amazon has patched the issue and published an advisory.
Researchers disclosed closely related Linux kernel flaws in the traffic-control subsystem that let an unprivileged local user gain root, and working exploits appeared within a day of disclosure. The main bug, nicknamed pedit COW (CVE-2026-46331), is an out-of-bounds write in the packet-editing action that corrupts shared page-cache memory; a related variant tracked as DirtyClone (CVE-2026-43503) was demonstrated by JFrog. Rather than touching files on disk, the exploit poisons the cached copy of a setuid root program like /bin/su in memory and runs the altered version as root, so file-integrity checks still pass. Exploitation needs the act_pedit module loadable and unprivileged user namespaces enabled, both common defaults on RHEL and Debian.
The curl project shipped its largest-ever security release, version 8.21.0, fixing 18 vulnerabilities, among them a flaw that had gone unnoticed for 25 years. That bug (CVE-2026-8932) lets an application reuse an existing connection even after its client certificate or key changed, allowing an authentication bypass; it affects software built on the libcurl library rather than the command-line tool. Other fixes address credential confusion, memory-corruption bugs, and improper host validation. Most are rated medium or low, but libcurl is embedded in an enormous range of products, from IoT devices to CI/CD pipelines and cars, so the practical reach is large and easy to overlook.
CISA has confirmed active exploitation of four critical flaws in Ubiquiti UniFi OS and Lantronix EDS5000 devices, adding them to its Known Exploited Vulnerabilities catalog with a June 26 deadline for federal agencies. Three UniFi OS bugs (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910), each rated 10.0, can be chained for unauthenticated remote code execution and root; attackers were seen creating rogue admin accounts. The Lantronix flaw (CVE-2025-67038) is an unauthenticated root command injection in the EDS5000 serial console server. Ubiquiti patched UniFi OS Server in version 5.0.8, and Lantronix in firmware 2.2.0.0R1. Compromised network appliances let attackers pivot deep into internal networks.
Researchers at XM Cyber detailed a macOS technique that lets an attacker with only standard user privileges disable enterprise security tools and call privileged functions, with no admin credentials, kernel exploit, or alerts. It abuses how macOS caches an application's code signature: once cached, the system keeps trusting the app even after an attacker modifies its components, letting a normal user impersonate trusted code and reach privileged XPC services by injecting into interface files. The team showed it disabling CrowdStrike Falcon and Kandji's MDM agent. CrowdStrike and Kandji have fixed their products, with Kandji assigning CVE-2026-39118, but XM Cyber frames the root cause as a flaw in macOS itself.
A flaw in Cisco Unified Communications Manager, the system that runs enterprise phone and call infrastructure, is now being exploited in attacks. The bug (CVE-2026-20230) is a server-side request forgery that lets an unauthenticated attacker send a crafted HTTP request to write files onto the underlying system, which can then be used to escalate to root and fully take over the server. Cisco patched it on June 3 and rates it critical; public exploit code has been available since, and security firms now see active exploitation attempts. The flaw is only exploitable when the WebDialer service is enabled, which is not the default.
Researchers at LucidBit Labs detailed an eight-year-old use-after-free flaw in the kernel of Samsung's KNOX security framework that affected a huge range of Galaxy devices, from the Galaxy S9 to the S25, across A-series and both Exynos and Qualcomm models. The bug (CVE-2026-20971) sits in a race between two KNOX components that verify process integrity, and a malicious app could exploit it to corrupt kernel memory and potentially take full control of the device. Samsung quietly fixed it in its January 2026 security update. Exploitation requires local access and some user interaction, but a lost, borrowed, or stolen phone makes that realistic.
Researchers at Novee disclosed Cordyceps, a systemic class of weaknesses in CI/CD pipelines, especially GitHub Actions workflows, that lets an attacker with nothing more than a free account hijack a project's build and release process. The danger is not a single bug but how workflows chain together: an untrusted pull request or comment feeds a low-privilege workflow whose output flows into a higher-privilege one, ending in stolen credentials, poisoned artifacts, or malicious releases. A scan of 30,000 repositories found over 300 fully exploitable, with fixes confirmed by Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. Standard scanners miss it because they check files in isolation.