Tag: code injection

a man sitting in front of a computer monitor
Security

CISA orders federal patching by July 17, 2026 after two chained SonicWall SMA1000 zero-days (CVE-2026-15409, CVE-2026-15410)

SonicWall’s SMA1000 appliances are the subject of active exploitation via two linked zero-days: an unauthenticated SSRF (CVE-2026-15409) and an authenticated code-injection (CVE-2026-15410). The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added both to its Known Exploited Vulnerabilities list and set a federal remediation deadline of July 17, 2026 — a signal that agencies must patch […]

admin