FACTUALRISK Cyber Intelligence
Mise à jour : 15 Jul 2026 · 00:03
← Accueil
🗞 Briefing
💥 Menaces
🛡 Vulnérabilités
📋 Conformité
📚 Guides
← Retour FactualRisk
Niveau CRITIQUE · 15 July 2026
🔴 23 vulnérabilités critiques — action immédiate requise
Mis à jour le 15 July 2026 · 00:03 UTC · 23 P0 · 14 P1 · 21 KEV exploités · 6 ransomware · 27 ITW · 137 vulnérabilités analysées · Voir le tableau complet →
?
P0 Critiques
Action immédiate
?
P1 Élevés
Sous 72h
?
KEV actifs
Exploités CISA ↗
?
Ransomware
?
Analysés
137
Findings total
💥 Incidents & Attaques récentes Tout voir →
💥
INFO Autre · BleepingComputer · 14 July 2026
Spanish Police take down €140 million cyber fraud ring, arrest four
💥
INFO Autre · KrebsOnSecurity · 14 July 2026
Microsoft Patches a Record 570 Security Flaws
💥
INFO Autre · BleepingComputer · 14 July 2026
Nearly 300 GitHub repos pose as legit software to push malware
📊 Top 5 types d'attaques
💥 Autre 25
⚡ Zero-Day 6
🦠 Ransomware 3
🎣 Phishing 2
🕵️ APT 2
📰 Actualités cyber du jour Tout voir →
BleepingComputer 14 Jul 2026
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly released
The Hacker News 14 Jul 2026
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
Microsoft shipped its largest Patch Tuesday on record today, and two of the fixes close holes that attackers are already exploiting. The release covers 622 of Microsoft's own CVEs by its Security Upda
BleepingComputer 14 Jul 2026
Spanish Police take down €140 million cyber fraud ring, arrest four
The Spanish Police dismantled a cybercrime and money-laundering organization that made €140 million ($160 million) from investment fraud and business email compromise (BEC) attacks. [...]
Krebs on Security 14 Jul 2026
Microsoft Patches a Record 570 Security Flaws
Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant
BleepingComputer 14 Jul 2026
Nearly 300 GitHub repos pose as legit software to push malware
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware. [...]
SecurityWeek 14 Jul 2026
Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
Two flaws in Active Directory and SharePoint Server have been exploited as zero-days, and a BitLocker bug was publicly disclosed. The post Microsoft Patches Record 622 Vulnerabilities, Including Tw
🎯 Cartographie risques CVSS × EPSS Zone rouge = critique
2468100.250.500.751.00ZONE CRITIQUECVE-2026-56155 CVSS=7.8 EPSS=0.000CVE-2026-56164 CVSS=5.3 EPSS=0.000CVE-2026-15409 CVSS=10.0 EPSS=0.000CVE-2026-15410 CVSS=7.2 EPSS=0.000CVE-2008-4128 CVSS=4.3 EPSS=0.000CVE-2026-56291 CVSS=9.8 EPSS=0.008CVE-2026-48939 CVSS=9.8 EPSS=0.015CVE-2026-48908 CVSS=9.8 EPSS=0.016CVE-2026-55255 CVSS=8.4 EPSS=0.006CVE-2026-56290 CVSS=9.8 EPSS=0.029CVE-2026-48282 CVSS=10.0 EPSS=0.286CVE-2026-45659 CVSS=8.8 EPSS=0.032CVE-2026-48558 CVSS=10.0 EPSS=0.012CVE-2026-12569 CVSS=9.8 EPSS=0.012CVE-2026-20230 CVSS=8.6 EPSS=0.417CVE-2025-67038 CVSS=9.8 EPSS=0.009CVE-2026-34910 CVSS=10.0 EPSS=0.786CVE-2026-34909 CVSS=10.0 EPSS=0.023CVE-2026-34908 CVSS=10.0 EPSS=0.025CVE-2026-20253 CVSS=9.8 EPSS=0.882CVE-2026-48907 CVSS=9.8 EPSS=0.804CVE-2026-10802 CVSS=4.3 EPSS=0.003GHSA-hgjx-r89m-m7v4 CVSS=9.9 EPSS=0.000CVE-2026-10801 CVSS=3.6 EPSS=0.001CVE-2026-54446 CVSS=8.1 EPSS=0.000CVE-2026-61549 CVSS=0.0 EPSS=0.000GHSA-7rx3-5wx3-5v76 CVSS=7.7 EPSS=0.000CVE-2026-61699 CVSS=8.1 EPSS=0.000CVE-2026-55608 CVSS=4.2 EPSS=0.000CVE-2026-55513 CVSS=5.4 EPSS=0.000CVE-2026-55512 CVSS=5.3 EPSS=0.000CVE-2026-54629 CVSS=7.5 EPSS=0.000CVE-2026-53603 CVSS=0.0 EPSS=0.000CVE-2026-44891 CVSS=7.5 EPSS=0.000CVE-2026-53604 CVSS=0.0 EPSS=0.000CVE-2026-54628 CVSS=8.6 EPSS=0.000GHSA-q3v2-xj35-9grx CVSS=4.9 EPSS=0.000GHSA-mqxv-9rm6-w8qc CVSS=0.0 EPSS=0.000GHSA-9hc2-hjx8-q6pv CVSS=9.6 EPSS=0.000CVE-2026-54448 CVSS=0.0 EPSS=0.003CVE-2026-54087 CVSS=7.6 EPSS=0.000CVE-2026-48681 CVSS=5.9 EPSS=0.006GHSA-pqg7-v6wh-3pfp CVSS=8.5 EPSS=0.000CVE-2026-41283 CVSS=9.9 EPSS=0.007CVE-2026-54335 CVSS=3.7 EPSS=0.000CVE-2026-10783 CVSS=2.5 EPSS=0.001CVE-2026-46447 CVSS=5.8 EPSS=0.003CVE-2026-50158 CVSS=7.7 EPSS=0.000CVE-2026-50157 CVSS=6.5 EPSS=0.000CVE-2026-54052 CVSS=9.9 EPSS=0.000CVE-2026-50141 CVSS=0.0 EPSS=0.002CVE-2026-10766 CVSS=3.6 EPSS=0.001CVE-2026-50006 CVSS=9.1 EPSS=0.000CVE-2026-7888 CVSS=0.0 EPSS=0.002CVE-2026-50131 CVSS=8.6 EPSS=0.003CVE-2026-50125 CVSS=7.5 EPSS=0.000CVE-2026-50018 CVSS=6.5 EPSS=0.000CVE-2026-50013 CVSS=7.5 EPSS=0.000CVE-2026-54250 CVSS=5.8 EPSS=0.001CVE-2025-61670 CVSS=3.3 EPSS=0.002CVE-2026-45710 CVSS=3.5 EPSS=0.000CVE-2026-44300 CVSS=0.0 EPSS=0.000CVE-2026-45263 CVSS=8.0 EPSS=0.000CVE-2026-45693 CVSS=7.5 EPSS=0.000CVE-2026-45262 CVSS=9.9 EPSS=0.000CVE-2026-52828 CVSS=0.0 EPSS=0.000CVE-2026-52827 CVSS=0.0 EPSS=0.000CVE-2026-52826 CVSS=0.0 EPSS=0.000CVE-2026-52825 CVSS=0.0 EPSS=0.000CVE-2026-52824 CVSS=0.0 EPSS=0.000CVE-2026-52823 CVSS=0.0 EPSS=0.000CVE-2026-52822 CVSS=0.0 EPSS=0.000CVE-2026-52821 CVSS=0.0 EPSS=0.000CVE-2026-52820 CVSS=0.0 EPSS=0.000CVE-2026-52819 CVSS=0.0 EPSS=0.000CVE-2026-49992 CVSS=0.0 EPSS=0.000GHSA-8f6j-263m-g72x CVSS=0.0 EPSS=0.000GHSA-xf7x-x43h-rpqh CVSS=7.5 EPSS=0.000CVE-2026-47677 CVSS=0.0 EPSS=0.000GHSA-7xw9-549r-8jrc CVSS=8.5 EPSS=0.000CVE-2026-61668 CVSS=8.1 EPSS=0.000CVE-2026-61667 CVSS=9.9 EPSS=0.000CVE-2026-59955 CVSS=7.5 EPSS=0.000CVE-2026-59954 CVSS=7.5 EPSS=0.000CVE-2024-29033 CVSS=7.5 EPSS=0.006CVE-2026-55372 CVSS=7.2 EPSS=0.000CVE-2026-54065 CVSS=8.7 EPSS=0.000CVE-2026-54064 CVSS=8.7 EPSS=0.000CVE-2026-6657 CVSS=6.1 EPSS=0.002CVE-2026-37462 CVSS=7.3 EPSS=0.003CVE-2026-7666 CVSS=3.1 EPSS=0.002CVE-2026-5241 CVSS=8.0 EPSS=0.005CVE-2026-47065 CVSS=9.8 EPSS=0.005CVE-2026-49259 CVSS=8.7 EPSS=0.000CVE-2026-48118 CVSS=8.2 EPSS=0.000CVE-2026-45579 CVSS=9.9 EPSS=0.000CVE-2026-45573 CVSS=6.4 EPSS=0.000CVE-2026-45572 CVSS=4.8 EPSS=0.000CVE-2026-45415 CVSS=6.0 EPSS=0.000CVE-2026-45414 CVSS=8.5 EPSS=0.000CVSSEPSSP0P1P2
CVSS = sévérité (0→10) · EPSS = probabilité exploitation (0→1)
Zone rouge : CVSS ≥ 7 et EPSS ≥ 0.5 — risque maximal immédiat.
🔴 Vulnérabilités P0 — Action immédiate requise Tableau complet →
CVE-2026-56155 (2026-07-14)NOUVEAUCVSS 7.8EPSS 0.0%KEVITW
Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability
Microsoft Active Directory Federation Services
CVE-2026-15409 (2026-07-14)NOUVEAUCVSS 10.0EPSS 0.0%KEVITW
SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability
SonicWall SMA1000 Appliances
CVE-2026-15410 (2026-07-14)NOUVEAUCVSS 7.2EPSS 0.0%KEVITW
SonicWall SMA1000 Appliances Code Injection Vulnerability
SonicWall SMA1000 Appliances
CVE-2026-56291 (2026-07-10)NOUVEAUCVSS 9.8EPSS 0.8%KEVITW
Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability
Balbooa Forms
CVE-2026-48939 (2026-07-10)MAJCVSS 9.8EPSS 1.5%KEVITW
iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability
iCagenda iCagenda
CVE-2026-48908 (2026-07-07)MAJCVSS 9.8EPSS 1.6%KEVITW
JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
JoomShaper SP Page Builder
CVE-2026-55255 (2026-07-07)MAJCVSS 8.4EPSS 0.6%KEVITW
Langflow Authorization Bypass Through User-Controlled Key Vulnerability
Langflow Langflow
CVE-2026-56290 (2026-07-07)MAJCVSS 9.8EPSS 2.9%KEVITW
Joomlack Page Builder Improper Access Control Vulnerability
Joomlack Page Builder
CVE-2026-48282 (2026-07-07)MAJCVSS 10.0EPSS 28.6%KEVITW
Adobe ColdFusion Path Traversal Vulnerability
Adobe ColdFusion
CVE-2026-45659 (2026-07-01)CVSS 8.8EPSS 3.2%KEVITW
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server
CVE-2026-48558 (2026-06-29)CVSS 10.0EPSS 1.2%KEVITW
SimpleHelp Authentication Bypass Vulnerability
SimpleHelp SimpleHelp
CVE-2026-12569 (2026-06-25)CVSS 9.8EPSS 1.2%KEVITW
PTC Windchill and FlexPLM Improper Input Validation Vulnerability
PTC Windchill and FlexPLM
CVE-2026-20230 (2026-06-25)CVSS 8.6EPSS 41.7%KEVITW
Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
Cisco Unified Communications Manager
CVE-2025-67038 (2026-06-23)CVSS 9.8EPSS 0.9%KEVITW
Lantronix EDS5000 Code Injection Vulnerability
Lantronix EDS5000
CVE-2026-34910 (2026-06-23)CVSS 10.0EPSS 78.6%KEVITW
Ubiquiti UniFi OS Improper Input Validation Vulnerability
Ubiquiti UniFi OS
🏭 Éditeurs les plus exposés
composer26
go25
pip22
Ubuntu16
rubygems11

L'écosystème

Digimoove ESN Paris — Cyber · Cloud · Automatisation IA · Observabilité NAIvigate Veille & formation IA FactualRisk est une marque de l'écosystème Digimoove