Patch Splunk Enterprise CVE-2026-20253 by upgrading to 10.2.4, 10.0.7, or a later fixed release, then verify search, forwarding, apps, and access controls.
CISA KEV now lists Oracle PeopleSoft CVE-2026-35273. Apply Oracle mitigation guidance, restrict HTTP exposure, review logs, and plan patch work.
Update Langflow after CVE-2026-5027, rebuild deployed containers, restrict exposed AI app servers, and review files, logs, secrets, and workflow access.
Patch Ivanti Sentry to R10.5.2, R10.6.2, or R10.7.1 after CISA KEV listing, then review exposed gateways, administrator accounts, logs, mobile traffic, and customer access.
CISA added Arista EOS CVE-2026-7473 to KEV on June 9, 2026. Patch affected EOS switches, review VXLAN/GRE decapsulation exposure, and verify fabric behavior.
CISA added Cisco Catalyst SD-WAN Manager CVE-2026-20245 to KEV on June 9, 2026. Patch SD-WAN Manager, review edge configuration changes, and protect management access.
CISA added Chrome CVE-2026-11645 to KEV on June 9, 2026. Patch Chrome and Chromium-based admin browsers, restart, verify versions, and review risky sessions.
HAProxy 3.4 is a new LTS branch with dynamic backends, OpenTelemetry, TLS updates, ACME improvements, and reliability changes. Plan upgrades safely.
Broadcom published VMSA-2026-0004 for VMware Cloud Foundation Operations and Aria Operations. Patch fixed versions, review admin roles, and verify management workflows.
CISA added LiteLLM CVE-2026-42271 to KEV on June 8, 2026. Patch AI gateways, restrict exposed proxy access, rotate keys where needed, and verify routes.
