CISA added Cisco Catalyst SD-WAN Manager CVE-2026-20245 to KEV on June 9, 2026. Patch SD-WAN Manager, review edge configuration changes, and protect management access.
CISA added Chrome CVE-2026-11645 to KEV on June 9, 2026. Patch Chrome and Chromium-based admin browsers, restart, verify versions, and review risky sessions.
HAProxy 3.4 is a new LTS branch with dynamic backends, OpenTelemetry, TLS updates, ACME improvements, and reliability changes. Plan upgrades safely.
Broadcom published VMSA-2026-0004 for VMware Cloud Foundation Operations and Aria Operations. Patch fixed versions, review admin roles, and verify management workflows.
CISA added LiteLLM CVE-2026-42271 to KEV on June 8, 2026. Patch AI gateways, restrict exposed proxy access, rotate keys where needed, and verify routes.
CISA added Check Point Security Gateway CVE-2026-50751 to KEV on June 8, 2026. Patch affected VPN gateways, review IKEv1 exposure, audit logs, and verify remote access.
Advanced Custom Fields: Extended CVE-2026-8809 affects versions through 0.9.2.5. Update to 0.9.2.6 or newer, then review WordPress admin users and public user forms.
Kirki CVE-2026-8206 affects versions 6.0.0 through 6.0.6 and is reportedly under active attack. Update to 6.0.7 or newer, then review WordPress admin accounts.
Meta Business Agent is rolling out for WhatsApp Business. Here is the WordPress and WooCommerce checklist for setup, eligibility, handoff rules, privacy, testing, and on-site chat.
WooCommerce 10.9 beta 1 is available now. Test checkout performance, email logging, product editor beta warnings, swatches, variation galleries, and extension compatibility on staging.
