THE latest cybersecurity report highlights an active exploit related to CVE-2026-28318, affecting SolarWinds Serv-U by causing uncontrolled resource consumption. Between June 1 and June 7, 2026, security teams identified 1,701 new vulnerabilities, emphasizing the urgent need for software patches. The CISA added five critical flaws to their catalog, including serious vulnerabilities in legacy systems and modern applications like Oracle WebLogic Server and the Linux kernel.
Additionally, new zero-day threats were identified in plugins such as Kirki for WordPress and Cisco Catalyst SD-WAN Manager. The report also noted 127 critical vulnerabilities, some scoring CVSS 10.0, urging network defenders to prioritize identity verification and aggressive patching.