THE article discusses the detection of four critical vulnerabilities in cybersecurity: 1. CVE-2026-56155 (Microsoft Active Directory Federation Services): Insufficient access control. 2. CVE-2026-56164 (Microsoft SharePoint Server): Missing authentication for crucial functions. 3. CVE-2026-15409 (SonicWall SMA1000): Server-side request forgery. 4. CVE-2026-15410 (SonicWall SMA1000): Code injection.
The focus also shifts to RabbitMQ, which has patched two significant flaws allowing authentication bypass. One flaw allows a man-in-the-middle attack that forges OAuth2 tokens, while the other lets attackers present fake client certificates to bypass authentication. The vulnerabilities were scored 9.2 and 9.1 on the CVSS scale, indicating urgent attention is needed. RabbitMQ has no known attacks in the wild, but users are advised to update to patched versions and set valid CA bundles as interim measures.