$ today-brief --date 2026-06-14
[VERDICT: GUARDED]

No review-now item passed evidence gates. Treat today as monitor/background unless new exploitation evidence arrives. Highest-scored item: A bug in the login redirect route in Apache Airflow allowed authenticated use….

Background

  • A bug in the login redirect route in Apache Airflow allowed authenticated use… β€” score 15 β€” exploit status none β€” CVE CVE-2026-40961 β€” flags: no_exploitation_signal β€” KQL: MDE exposure: devices with CVE-2026-40961. Evidence: nvd.

  • SOPlanning does not enforce authorization for backup functionalities.Β An unau… β€” score 15 β€” exploit status none β€” CVE CVE-2026-40543 β€” flags: no_exploitation_signal β€” KQL: MDE exposure: devices with CVE-2026-40543. Evidence: nvd.

  • Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 an… β€” score 15 β€” exploit status none β€” CVE CVE-2026-32325 β€” flags: no_exploitation_signal β€” KQL: MDE exposure: devices with CVE-2026-32325. Evidence: nvd.

  • Incorrect permission assignment for critical resource issue exists in ServerV… β€” score 15 β€” exploit status none β€” CVE CVE-2026-27788 β€” flags: no_exploitation_signal β€” KQL: MDE exposure: devices with CVE-2026-27788. Evidence: nvd.

  • A flaw was found in Clair. The fetcher component makes outbound HTTP requests… β€” score 15 β€” exploit status none β€” CVE CVE-2026-10517 β€” flags: no_exploitation_signal β€” KQL: MDE exposure: devices with CVE-2026-10517. Evidence: nvd.

← 2026-06-13: Monitor: No confirmed active exploitation in configured … 2026-06-15: Monitor: No confirmed active exploitation in configured … β†’ $ history