Microsoft publicó hoy su mayor actualización de seguridad hasta la fecha, y dos de las correcciones solucionan vulnerabilidades que los atacantes ya estaban explotando. La actualización cubre 622 vulnerabilidades propias de Microsoft, más del triple del máximo anterior de junio, que rondaba las 200.
Actualizaciones recientes de otras compañías
Otros proveedores que publicaron actualizaciones o avisos en mayo de 2026 incluyen:
Actualizaciones recientes de otras compañías
Otros proveedores que publicaron actualizaciones o avisos en mayo de 2026 incluyen:
- Adobe recently patched seven max-severity ColdFusion and Campaign flaws, including the ColdFusion flaw CVE-2026-48282, which was later exploited in attacks.
- BeyondTrust released security updates for two critical authentication bypass flaws in its Remote Support (RS) and Privileged Remote Access (PRA) software.
- Cisco released security updates for numerous products, including Cisco Identity Services Engine, Catalyst Center, and ClamAV. Cisco also confirmed that CVE-2026-20230, fixed in June, was actively exploited in attacks.
- Fortinet released security updates for numerous flaws in FortiOS, FortiSandbox, FortiPam, FortiSandbox, FortiSASE, and FortiProxy.
- Gitea released a security update for a critical auth bypass in the Gitea Docker image.
- Ivanti released security updates for two vulnerabilities in Ivanti Xtraction.
- Linux kernel maintainers released a patch for the Januscape vulnerability, a flaw that allows attackers to escape a virtual machine and execute arbitrary code on the host.
- NVIDIA released security updates for NVIDIA Triton Inference Server and NVIDIA TensorRT-LLM.
- Progress Software released security updates for a high-severity path traversal zero-day vulnerability that led to the emergency shutdown of ShareFile Storage Zone Controllers last week.
- Ubiquiti released security updates for vulnerabilities in UniFi OS, including a maximum-severity flaw that can be exploited in command injection attacks.
- U-Boot maintainers introduced patches to fix new flaws that could enable stealthy firmware attacks.
- SAP released the July security updates, which include fixes for four critical flaws in NetWeaver, Commerce Cloud, and AppRouter.
- VMware released security updates for VMware Avi Load Balancer, which include authentication bypasses and remote code execution flaws.
- Zimbra released security updates for a critical XSS vulnerability affecting the Classic Web Client in the Zimbra Collaboration suite.