Skip to main content
FailleWeb — Your daily watch on web application security
FailleWeb Web security flaws, every day
CVE WordPress Frameworks Browsers Servers Best practices
Category · 7 articles

CVE

A catalogue of CVE vulnerabilities impacting web applications. Detailed analyses, CVSS scores, affected products, attack vectors and available fixes.

Cisco Unified CM: CVE-2026-20230 SSRF already exploited CVE
24 juin 2026 ·BleepingComputer · 4 min

Cisco Unified CM: CVE-2026-20230 SSRF already exploited

Cisco Unified CM fixes CVE-2026-20230, a high-severity SSRF flaw already being exploited that could expose internal services.

Read the article
PTC Windchill: critical RCE exploited, CISA mandates patching CVE
27 juin 2026 ·The Hacker News · 4 min

PTC Windchill: critical RCE exploited, CISA mandates patching

CISA is warning about a critical PTC Windchill RCE flaw already being exploited via web shells. Exposed servers must be patched without delay.

Read the article
FatFs: 7 flaws affect millions of embedded devices CVE
4 juillet 2026 ·The Hacker News · 5 min

FatFs: 7 flaws affect millions of embedded devices

Seven vulnerabilities in FatFs expose millions of embedded devices to memory corruption, crashes, and possible code execution.

Read the article
libssh2 CVE-2026-55200: Public PoC for a Critical Flaw CVE
29 juin 2026 ·The Hacker News · 4 min

libssh2 CVE-2026-55200: Public PoC for a Critical Flaw

A public PoC targets libssh2 via a malicious SSH server and can trigger client-side memory corruption. Update quickly.

Read the article
SharePoint: May RCE now actively exploited CVE
3 juillet 2026 ·BleepingComputer · 4 min

SharePoint: May RCE now actively exploited

CISA warns that a Microsoft SharePoint RCE flaw, patched in May, is now being actively exploited. Admins and CISOs should verify exposure and apply the patch.

Read the article
Oracle E-Business Suite: CVE-2026-46817 actively exploited CVE
30 juin 2026 ·The Hacker News · 4 min

Oracle E-Business Suite: CVE-2026-46817 actively exploited

Oracle E-Business Suite is targeted by CVE-2026-46817, a critical flaw actively exploited that could compromise the financial application.

Read the article
SharePoint CVE-2026-45659: Active RCE, CISA Sounds the Alarm CVE
2 juillet 2026 ·The Hacker News · 4 min

SharePoint CVE-2026-45659: Active RCE, CISA Sounds the Alarm

The RCE flaw CVE-2026-45659 in Microsoft SharePoint Server is now being actively exploited. Admins and CISOs must patch without delay.

Read the article