Skip to main content

Overview

Cisco has published an advisory for a critical, actively exploited remote command execution vulnerability in Cisco AsyncOS Software for Cisco Secure Email Gateway (SEG) and Cisco Secure Email and Web Manager (SEWM). These appliances are commonly used by organisations to filter, inspect, and manage email security. The flaw could allow an unauthenticated remote attacker to execute arbitrary commands with root privileges.  

  • CVE-2025-20393: Cisco AsyncOS Spam Quarantine Remote Command Execution Vulnerability (CVSSv3.1 10.0). Affected versions: (SEG): 15.0.5-016, 15.5.4-012, 16.0.4-016; and (SEWM): 15.0.2-007, 15.5.4-007, 16.0.4-010.  

 

Modular DS has released a security update for its “Modular Connector” WordPress plugin following disclosure of a critical privilege escalation vulnerability. Modular DS is used to monitor, update, and manage multiple WordPress sites, meaning compromise can have high downstream impact. The vulnerability could allow unauthenticated attackers to bypass authentication checks and gain elevated privileges on affected WordPress sites.  

  • CVE-2026-23550: Modular DS Modular Connector Privilege Escalation via Permissive Route Matching (CVSSv3.1 10.0). Affected versions <= 2.5.1.  

 

Mozilla has issued security advisories to address memory safety vulnerabilities affecting Firefox and Thunderbird. Memory corruption issues may be exploitable to achieve arbitrary code execution under certain conditions. Users and organisations should prioritise updating to the latest releases, particularly on systems where browsers or mail clients are used to access untrusted content.  

  • CVE-2026-0892: Mozilla Firefox/Thunderbird Memory Safety Bugs Potentially Leading to Code Execution (CVSSv3.1 9.8). Affected versions: Firefox < 147 and Thunderbird < 147.  

 

Elastic has released security updates for Kibana addressing multiple vulnerabilities impacting Kibana connectors and Kibana Fleet. Kibana is widely used for security monitoring, logging, and operational analytics. The issues include a high-severity Google Gemini connector weakness that can enable arbitrary file disclosure and SSRF, plus several denial-of-service conditions.  

  • CVE-2026-0532: Kibana Google Gemini Connector SSRF and Arbitrary File Disclosure Vulnerability (CVSSv3.1 8.6). Affected versions: 8.15.0-8.19.9, 9.0.0-9.1.9 and 9.2.0-9.2.3.  
  • CVE-2026-0530: Kibana Fleet Uncontrolled Resource Allocation Denial of Service Vulnerability (CVSSv3.1 6.5). Affected versions: 7.10.0-7.17.29, 8.0.0-8.19.9, 9.0.0-9.1.9 and 9.2.0-9.2.3.  
  • CVE-2026-0531: Kibana Fleet Bulk Retrieval Resource Exhaustion Denial of Service Vulnerability (CVSSv3.1 6.5). Affected versions: 7.10.0-7.17.29, 8.0.0-8.19.9, 9.0.0-9.1.9 and 9.2.0-9.2.3.  
  • CVE-2026-0543: Kibana Email Connector Improper Input Validation Denial of Service Vulnerability (CVSSv3.1 6.5). Affected versions: 7.x: all versions, 8.0.0-8.19.9, 9.0.0-9.1.9 and 9.2.0-9.2.3. 

Recommended Action   

Organisations are encouraged to review the appropriate security advisory pages and apply the updates:   

Cisco - Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager 

Modular DS - Privilege Escalation in WordPress Modular DS Plugin - Patchstack 

Mozilla - Security Vulnerabilities fixed in Firefox 147 — Mozilla 

Elastic– Multiple Elastic Vulnerabilities Could Lead to File Theft and DoS 

If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting aCyber Concerns Online Reporting Form.  

Topics

  • Advisory
  • Vulnerability
  • Exploit
  • Patches and Updates