THREE critical vulnerabilities have been identified: CVE-2026-58644 in Microsoft SharePoint, and two instances of CVE-2026-25089 affecting Fortinet FortiSandbox, which involve command injection risks. Notably, Red Hat has reported a critical flaw in Red Hat OpenShift AI, tracked as CVE-2026-15378, which scores 9.3 on the CVSS scale. This vulnerability allows remote attackers to execute a blind SSRF (Server-Side Request Forgery) that can read local files.
Although no active exploitation has been confirmed, the potential for attackers to access sensitive metadata and credentials makes this flaw urgent. Red Hat advises users to implement egress controls and apply patches as soon as they are released for their systems.