Patch self-hosted LangGraph deployments for SQLite, msgpack, and Redis checkpointer flaws, then review checkpoint stores, secrets, network access, and AI workflows.
Patch WebinarIgnition CVE-2026-40797 by updating to 4.09.86 or newer, reviewing webinar registrations and users, clearing cache, and verifying webinar flows.
JoomSport versions through 5.7.7 are affected by recent unauthenticated SQL injection CVEs. Update WordPress sites to 5.7.8 or newer.
Ghost CMS CVE-2026-26980 is fixed in 6.19.1. Patch Ghost, rotate Admin API credentials, inspect content, and treat WAF coverage as temporary mitigation.
CISA now lists Drupal CVE-2026-9082 in KEV. Patch PostgreSQL-backed Drupal sites first, then update Symfony and Twig dependencies across supported Drupal 10 and 11 sites.
CVE-2026-2993 affects AIWU / AI Copilot – Content Generator through 1.4.17. Disable or remove it, review data, and rotate connected keys.
Update BetterDocs Pro to 3.7.1 or newer for CVE-2026-4348, then review public documentation sites and hosted WordPress accounts safely.
