CISA KEV · Refreshed daily

CVE Intelligence

Actively exploited vulnerabilities from CISA's Known Exploited Vulnerabilities catalog — with IT Intel's analysis of real-world impact and specific remediation steps.

Updated June 22, 2026

Critical

CVE-2026-20253Splunk · Splunk Enterprise

Patch Splunk Enterprise now

A missing authentication vulnerability in Splunk Enterprise's PostgreSQL sidecar service endpoint could allow unauthenticated users to create or truncate arbitrary files. This vulnerability is particularly concerning due to its potential for exploitation by attackers. Organizations should take immediate action to protect their systems.

High

CVE-2026-48907Widget Factory · Joomla Content Editor

Update Joomla Content Editor immediately

An improper access control vulnerability in the Widget Factory Joomla Content Editor allows unauthenticated users to upload and execute PHP code. This vulnerability poses a significant risk to organizations using the affected editor. Immediate action is necessary to prevent potential attacks.

Medium

CVE-2026-54420LiteSpeed · cPanel Plugin

Mitigate LiteSpeed cPanel Plugin vulnerability

A UNIX symbolic link following vulnerability in the LiteSpeed cPanel plugin could allow users with FTP or web shell access to exploit the vulnerability. Although the attack vector is somewhat limited, organizations should still take steps to mitigate the vulnerability.

High

CVE-2026-20262Cisco · Catalyst SD-WAN Manager

Patch Cisco Catalyst SD-WAN Manager now

A directory or path traversal vulnerability in the Cisco Catalyst SD-WAN Manager allows authenticated, remote attackers to create or overwrite files on the affected system. This vulnerability poses a significant risk to organizations using the affected manager.

Critical

CVE-2026-35273Oracle · PeopleSoft Enterprise PeopleToolsRansomware

Update Oracle PeopleSoft Enterprise PeopleTools

A missing authentication for critical function vulnerability in Oracle PeopleSoft Enterprise PeopleTools could allow unauthenticated attackers to take over the affected system. This vulnerability is particularly concerning due to its potential for exploitation by attackers.

Critical

CVE-2026-10520Ivanti · Sentry

Patch Ivanti Sentry immediately

An OS command injection vulnerability in Ivanti Sentry could allow remote, unauthenticated users to achieve root-level remote code execution. This vulnerability poses an extremely high risk to organizations using the affected appliance.

High

CVE-2026-11645Google · Chromium V8

Update Google Chromium V8

An out-of-bounds read and write vulnerability in Google Chromium V8 could allow remote attackers to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability affects multiple web browsers that utilize Chromium.

Medium

CVE-2026-7473Arista · Extensible Operating System

Mitigate Arista Extensible Operating System vulnerability

An incomplete comparison with missing factors vulnerability in the Arista Extensible Operating System could allow attackers to exploit the vulnerability when the switch incorrectly decapsulates and forwards unexpected tunneled packets.