Citrix Zero-Day

Mandiant Exposes Ongoing Exploits Against Citrix Users Citrix Exploits

Mandiant Exposes Ongoing Exploits Against Citrix Users

Do Son November 2, 2023

Experts from the cybersecurity firm Mandiant have discerned an active exploitation of a vulnerability within Citrix’s NetScaler...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-48558CVSS 10.0
SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
CVE-2026-46817CVSS 9.8
Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
Admin intel📅 Updated: Jun 29, 2026
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
Admin intel📅 Updated: Jun 25, 2026
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CISA KEV📅 Added to KEV: Jun 25, 2026
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CISA KEV📅 Added to KEV: Jun 23, 2026
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CISA KEV📅 Added to KEV: Jun 23, 2026
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CISA KEV📅 Added to KEV: Jun 23, 2026
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CISA KEV📅 Added to KEV: Jun 23, 2026