MITRE ATT&CK Mapping

Cisco Advisories Vulnerability Disclosure Cisco May 14

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN C...

T1556

Cisco Advisories →

Rapid7 Blog CVE Cisco Rapid7 May 14

CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)

Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new auth...

T1556 2 IOCs

Rapid7 Blog →

GBHackers CVE WordPress May 14

Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites

A critical vulnerability in a widely used WordPress plugin has exposed more than 200,000 websites to potential takeover, raising urgent concerns across the s...

T1556 1 IOC

GBHackers →

CISA Advisories CVE Cisco May 14

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20182 Cisco Cat...

T1556 1 IOC

CISA Advisories →

The Hacker News CVE May 14

PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure

Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration fra...

T1556 1 IOC

The Hacker News →

CSO Online Vulnerability Disclosure GitHub May 14

PraisonAI vulnerability gets scanned within 4 hours of disclosure

A newly disclosed authentication bypass flaw in the open-source AI orchestration framework PraisonAI was probed by internet scanners less than four hours aft...

T1556

CSO Online →

SecurityWeek Vulnerability Disclosure May 14

Hackers Targeted PraisonAI Vulnerability Hours After Disclosure

The first exploitation attempts were observed less than four hours after the authentication bypass was publicly disclosed. The post Hackers Targeted PraisonA...

T1556

SecurityWeek →

Exploit Database General May 14

[webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass

ePati Antikor NGFW 2.0.

T1556

Exploit Database →

Wordfence Blog Vulnerability Disclosure Intel WordPress May 13

200,000 WordPress Sites at Risk from Critical Authentication Bypass Vulnerability in Burst Statistics Plugin

On May 8, 2026, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, discovered a critical Authentication Bypass vulnerability ...

T1556

Wordfence Blog →

The Hacker News CVE May 11

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager...

T1556 1 IOC

The Hacker News →

GBHackers CVE May 11

cPanel and WHM Servers Targeted in Attacks Exploiting CVE-2026-41940

A critical authentication bypass vulnerability affecting cPanel and WHM servers, identified as CVE-2026-41940, is currently under active exploitation by a hi...

T1556 1 IOC

GBHackers →

Cisco Advisories Advisory Cisco May 6

Cisco Identity Services Engine Authentication Bypass Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to bypass authorization mechanisms or examine error messages t...

T1556

Cisco Advisories →

The Hacker News General Amazon May 4

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

Progress Software has released updates to address two security flaws in MOVEit Automation, including a critical bug that could result in an authentication by...

T1556

The Hacker News →

CISA Advisories Vulnerability Disclosure Apr 30

ABB Edgenius Management Portal

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the system node allowing the a...

T1556 2 IOCs

CISA Advisories →

Exploit Database Vulnerability Disclosure Apr 30

[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit

FUXA 1.2.

T1190 T1556

Exploit Database →

Rapid7 Blog CVE Apr 29

CVE-2026-41940: cPanel & WHM Authentication Bypass

Overview On April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In the cPanel...

T1556 1 IOC

Rapid7 Blog →

Zero Day Initiative CVE Apr 27

ZDI-26-300: Flowise AccountService resetPassword Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Flowise. Authentication is not required to exploit this vuln...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 23

ZDI-26-298: Siemens SINEC NMS Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Siemens SINEC NMS. Authentication is not required to exploit...

T1556 1 IOC

Zero Day Initiative →

Cisco Advisories Vulnerability Disclosure Cisco Apr 16

Cisco Secure Web Appliance Authentication Bypass Vulnerability

A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacke...

T1556

Cisco Advisories →

Infosecurity Magazine CVE F5 Apr 15

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.

T1556 1 IOC

Infosecurity Magazine →