(TLP CLEAR) Weekly Vulnerabilities to Prioritize – June 4, 2026
Created: Thursday, June 4, 2026 - 16:14
Categories: Cybersecurity, Security Preparedness
The vulnerabilities below have been identified by WaterISAC analysts as important for water and wastewater utilities to prioritize in their vulnerability management efforts. WaterISAC shares critical vulnerabilities that affect widely used products and may be under active exploitation. WaterISAC draws additional attention in alerts and advisories to vulnerabilities that are confirmed to be impacting, or have a high likelihood of impacting, water and wastewater utilities. Members are encouraged to regularly review these vulnerabilities, many of which are included in CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
CVSS v3.1: 7.8
CVE: CVE-2026-0257
Description: See WaterISAC’s notification regarding this vulnerability. Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allow an attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues. CISA added these vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Source: https://security.paloaltonetworks.com/CVE-2026-0257
Oracle WebLogic Server Unspecified Vulnerability
CVSS 3.1: 7.5
CVEs: CVE-2024-21182
Description: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CISA added this vulnerability to its Known Exploited Vulnerabilities Catalog.
Original Source: https://www.oracle.com/security-alerts/cpujul2024.html
Linux Kernel Improper Authentication Vulnerability
CVSS 3.1: 7.8
CVEs: CVE-2022-0492
Description: A vulnerability was found in the Linux kernel’s cgroup_release_agent_write function in kernel/cgroup/cgroup-v1.c. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. CISA added this vulnerability to its Known Exploited Vulnerabilities Catalog.
Original Source: https://bugzilla.redhat.com/show_bug.cgi?id=2051505
Android Framework Integer Overflow Vulnerability
CVSS: N/A
CVE: CVE-2025-48595
Description: In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. CISA added this vulnerability to its Known Exploited Vulnerabilities Catalog.
Source: https://source.android.com/docs/security/bulletin/2026/2026-06-01
Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability
CVSS 3.1: 9.8
CVEs: CVE-2026-45247
Description: Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted call to PHP’s native unserialize() function combined with gadget chains available in Magento and its dependencies to execute arbitrary code on the server. CISA added this vulnerability to its Known Exploited Vulnerabilities Catalog.
Original Source: https://sansec.io/research/mirasvit-cache-warmer-object-injection
