SecurityWeek

Cisco Warns of Available PoC for Critical Unified CM Vulnerability

Cisco warns of public PoC targeting CVE-2026-20230, a high-severity SSRF vulnerability in Unified CM and Unified CM SME.
Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
Tech Times

Cisco Unified CM SSRF Flaw CVE-2026-20230: Public Exploit Code Opens Path to Root

Cisco Unified Communications Manager vulnerability CVE-2026-20230 allows unauthenticated attackers to gain root access via ...
CSOonline

Commvault warns of critical Command Center flaw

Commvault is warning customers of a critical vulnerability affecting Command Center, a web-based management console for its data protection and backup offerings. The flaw, tracked as CV-2025-34028, ...
Bleeping Computer

Cisco warns of critical Unified CM flaw with PoC exploit code

Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges. Cisco Unified CM (formerly known as ...
Dark Reading

Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services

Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus ...
CSOonline

SSRF attacks explained and how to defend against them

Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. The name itself implies that a request that should have otherwise been made ...