Vulnerability Summary for the Week of June 8, 2026

2026-06-15 17:06

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source Info
AdguardTeam–AdGuardHome	AdGuard Home, when started with the –glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path construction within the authglinet middleware. Attackers can craft a request with a traversal payload in the Admin-Token header to redirect file reads to arbitrary paths.	2026-06-08	9.4	CVE-2026-41448
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47911
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47912
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47913
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47914
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47915
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47916
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.	2026-06-09	7.8	CVE-2026-47917
Adobe–Acrobat Reader	Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the curre […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of June 8, 2026 Share this: Facebook X LinkedIn Like this: Like Loading… Related Tags: Bulletins EN Post navigation ← Delinea and Cyera integrate for data-aware identity security Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer → Search for: Pages Advertising Contact Legal and Contact information Opt-out preferences Privacy Policy Social Media Telegram Channel Recent Posts The NCSC Patch Wave Is Coming. Do You Know Where Your Risk Lives? June 15, 2026 Critical Microsoft 365 Copilot Vulnerability Allows Attackers to Steal Data in One Click June 15, 2026 Anthropic Updated Privacy Policy to Include Identity Verification for Claude Users June 15, 2026 SHADOWBYT3$ Allegedly Claim Breach of Nintendo, Stealing Sensitive Data June 15, 2026 DPAPISnoop Tool Extracts CREDHIST Hashes for Offline Windows Credential Recovery June 15, 2026 Microsoft Site Showing Warning Following Certificate Expiry June 15, 2026 Feds snooze as US datacenter law set to lapse with no replacement in site June 15, 2026 Ransomware Revenues Climb as Criminal Networks Expand and Adapt like unwanted vines June 15, 2026 Hackers Steal Encrypted Password Vaults in Dashlane Attack June 15, 2026 Hackers Exploit Fake Claude Code Installers and Install Malware June 15, 2026 WeedHack Malware Infects Over 116,000 Minecraft Players Through Fake Mods and Cheats June 15, 2026 Attackers Hijack Popular WordPress Plugins to Deploy Backdoors June 15, 2026 Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited June 15, 2026 Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks June 15, 2026 Microsoft site throwing warnings after someone forgot to renew cert June 15, 2026 China-linked spies backdoored authentication stack to stay hidden for years June 15, 2026 One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes June 15, 2026 Cybersecurity experts blast US government for restricting Anthropic’s AI models June 15, 2026 China-nexus group linked to multiyear campaign targeting US, Canadian medical research June 15, 2026 IT Security News Hourly Summary 2026-06-15 18h : 5 posts June 15, 2026 Copyright © 2026 IT Security News. All Rights Reserved. The Magazine Basic Theme by bavotasan.com. Manage Consent To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions. Functional Functional Always active The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network. Preferences Preferences The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user. Statistics Statistics The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you. Marketing Marketing The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes. Manage options Manage services Manage {vendor_count} vendors Read more about these purposes View preferences {title} {title} {title}