Monitor: No confirmed active exploitation in configured sources

$ today-brief --date 2026-06-12

[VERDICT: GUARDED]

No review-now item passed evidence gates. Treat today as monitor/background unless new exploitation evidence arrives. Highest-scored item: Ukrainian national pleads guilty to role in Conti ransomware operation.

Monitor

These are notable but currently lack active-exploitation evidence in configured sources.

Ukrainian national pleads guilty to role in Conti ransomware operation — score 35 — exploit status none — flags: no_primary_source, no_exploitation_signal. Evidence: Ukrainian national pleads guilty to role in Conti ransomware operation.
phpBB forum fixes auth bypass bug lurking for a decade — score 33 — exploit status none — flags: no_primary_source, no_exploitation_signal. Evidence: phpBB forum fixes auth bypass bug lurking for a decade.
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected… — score 25 — exploit status none — CVE CVE-2026-10187 — flags: no_exploitation_signal — KQL: MDE exposure: devices with CVE-2026-10187. Evidence: nvd.
Maine disables data breach notification portal after fake disclosures — score 25 — exploit status none — flags: no_primary_source, no_exploitation_signal. Evidence: Maine disables data breach notification portal after fake disclosures.
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit — score 25 — exploit status none — flags: no_primary_source, no_exploitation_signal. Evidence: Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit.

Background

A security vulnerability has been detected in code-projects Online Hospital M… — score 20 — exploit status none — CVE CVE-2026-10186 — flags: no_exploitation_signal — KQL: MDE exposure: devices with CVE-2026-10186. Evidence: nvd.
A weakness has been identified in SourceCodester Hospitals Patient Records Ma… — score 20 — exploit status none — CVE CVE-2026-10185 — flags: no_exploitation_signal — KQL: MDE exposure: devices with CVE-2026-10185. Evidence: nvd.
A security flaw has been discovered in SourceCodester Hospitals Patient Recor… — score 20 — exploit status none — CVE CVE-2026-10184 — flags: no_exploitation_signal — KQL: MDE exposure: devices with CVE-2026-10184. Evidence: nvd.
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataG… — score 20 — exploit status none — CVE CVE-2026-49490 — flags: no_exploitation_signal — KQL: MDE exposure: devices with CVE-2026-49490. Evidence: nvd.
OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDi… — score 20 — exploit status none — CVE CVE-2026-49489 — flags: no_exploitation_signal — KQL: MDE exposure: devices with CVE-2026-49489. Evidence: nvd.

← 2026-06-11: Review Now: Iranian-Affiliated Cyber Actors Exploit … 2026-06-13: Monitor: No confirmed active exploitation in configured … → $ history