Patch Splunk Enterprise CVE-2026-20253 by upgrading to 10.2.4, 10.0.7, or a later fixed release, then verify search, forwarding, apps, and access controls.
CISA KEV now lists Oracle PeopleSoft CVE-2026-35273. Apply Oracle mitigation guidance, restrict HTTP exposure, review logs, and plan patch work.
Update Langflow after CVE-2026-5027, rebuild deployed containers, restrict exposed AI app servers, and review files, logs, secrets, and workflow access.
Patch Ivanti Sentry to R10.5.2, R10.6.2, or R10.7.1 after CISA KEV listing, then review exposed gateways, administrator accounts, logs, mobile traffic, and customer access.
Update UpdraftPlus free to 1.26.5+ or Premium to 2.26.5+, then verify backups, remote management, admin users, and restore points safely.
Track the public Microsoft Defender RoguePlanet zero-day report, keep June 2026 Windows updates and Defender updates current, and harden admin workstations safely.
Update Everest Forms to 3.4.8 or newer after CVE-2026-3296 and CVE-2026-5478, then review forms, uploads, users, and site files safely.
Microsoft published the June 2026 Security Updates on June 9. Plan Windows, Server, IIS, RDS, Hyper-V, domain controller, and admin workstation patching with verification.
CISA added Arista EOS CVE-2026-7473 to KEV on June 9, 2026. Patch affected EOS switches, review VXLAN/GRE decapsulation exposure, and verify fabric behavior.
CISA added Cisco Catalyst SD-WAN Manager CVE-2026-20245 to KEV on June 9, 2026. Patch SD-WAN Manager, review edge configuration changes, and protect management access.
