Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Security Updates Released for Major Software

Critical Security Updates Released for Major Software

Posted on July 15, 2026 By CWS

Major software firms have rolled out essential security patches to address critical vulnerabilities in their products. Mozilla, Google, Adobe, and Broadcom have issued updates to mitigate potential security threats, aiming to safeguard users against exploitation.

Firefox and Chrome Receive Critical Fixes

Mozilla has launched updates for Firefox to fix two significant vulnerabilities. Identified as CVE-2026-15718 and CVE-2026-15719, these flaws concern the JavaScript: WebAssembly component and the DOM: Navigation component, respectively. Mozilla has confirmed the availability of exploit codes but noted the absence of active attacks. The fixes are part of Firefox version 152.0.6.

Google has also patched 15 security issues in Chrome, including two critical use-after-free vulnerabilities related to the Ozone component. These vulnerabilities (CVE-2026-15764 and CVE-2026-15765) could have allowed remote attackers to execute code on Linux systems. The updates are available in Chrome version 150.0.7871.124/.125 for Windows and Mac, and version 150.0.7871.124 for Linux.

Adobe Updates Address Multiple Critical Vulnerabilities

Adobe has released security updates for 88 vulnerabilities affecting several of its products, such as ColdFusion, Commerce, Experience Manager, and Illustrator. Notably, eight critical flaws in ColdFusion could lead to arbitrary code execution and privilege escalation. These have been resolved in ColdFusion 2025 Update 11 and ColdFusion 2023 Update 22.

Additional vulnerabilities fixed in Adobe Commerce and Magento Open Source include file upload issues and improper output encoding, both of which could result in privilege escalation and code execution. Adobe Experience Manager has also been updated to address critical vulnerabilities that could facilitate server-side request forgery and XML external entity attacks.

VMware Avi Load Balancer Secured Against Critical Flaw

Broadcom has released a vital patch for a critical vulnerability in VMware Avi Load Balancer (CVE-2026-47865), which was discovered by Filip Waeytens of the NATO Cyber Security Centre. This vulnerability could allow unauthorized access to the Avi Control plane, posing a significant security risk.

While none of these vulnerabilities have been detected in active exploitation, it is crucial for organizations to implement these updates promptly. Cyber attackers frequently exploit known vulnerabilities, emphasizing the importance of maintaining up-to-date security measures.

In conclusion, these updates reflect the ongoing efforts of software companies to protect their users from evolving cyber threats. Keeping software current is essential to minimize the risk of exploitation and ensure system integrity.

The Hacker News Tags:Adobe, Chrome, CVE, Cybersecurity, Firefox, Patches, security updates, software updates, VMware, Vulnerabilities

Post navigation

Previous Post: Malicious Game Cheats Give Hackers Remote Access to PCs
Next Post: Windows Bind Link Exploits Bypass EDR Detection

Related Posts

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors The Hacker News
Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China The Hacker News
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability The Hacker News
Insights from 160 Million Attack Simulations Insights from 160 Million Attack Simulations The Hacker News
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction The Hacker News
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Critical Windows RDP Vulnerabilities Addressed by Microsoft
  • Cursor Flaw Risks Code Execution Vulnerability
  • New Windows Vulnerability PoC Released Post Patch Update
  • Dell Patches Critical PowerProtect Flaws Allowing Remote Access
  • Windows Bind Link Exploits Bypass EDR Detection

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Critical Windows RDP Vulnerabilities Addressed by Microsoft
  • Cursor Flaw Risks Code Execution Vulnerability
  • New Windows Vulnerability PoC Released Post Patch Update
  • Dell Patches Critical PowerProtect Flaws Allowing Remote Access
  • Windows Bind Link Exploits Bypass EDR Detection

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark