Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Security Patches Released by Ivanti, Fortinet, and SAP

Critical Security Patches Released by Ivanti, Fortinet, and SAP

Posted on May 18, 2026 By CWS

Several leading technology firms, including Ivanti, Fortinet, n8n, SAP, and VMware, have issued crucial security patches to address vulnerabilities that could be exploited for unauthorized code execution and other malicious activities. These updates aim to protect systems from potential exploitation by threat actors.

The most significant of these is a critical vulnerability in Ivanti’s Xtraction software, identified as CVE-2026-8043, which carries a CVSS score of 9.6. This flaw could allow attackers to gain unauthorized access to sensitive information and launch client-side attacks. Ivanti has emphasized the importance of upgrading to version 2026.2 to mitigate these risks.

Fortinet and SAP Address Critical Vulnerabilities

Fortinet has released advisories for two major vulnerabilities affecting FortiAuthenticator and FortiSandbox, with CVSS scores of 9.1. These issues, CVE-2026-44277 and CVE-2026-26083, could permit unauthorized code execution through improper access control and missing authorization checks. Users are advised to update to the latest versions to secure their systems.

In addition, SAP has resolved two critical vulnerabilities in its S/4HANA and Commerce Cloud products, identified as CVE-2026-34260 and CVE-2026-34263, both with a CVSS score of 9.6. These flaws, involving SQL injection and missing authentication checks, could lead to malicious code execution and unauthorized configuration changes.

VMware and n8n Release Security Fixes

Broadcom has addressed a high-severity vulnerability in VMware Fusion, known as CVE-2026-41702, which could result in privilege escalation. The patch, available in version 26H1, resolves a Time-of-check Time-of-use (TOCTOU) vulnerability that could allow local non-administrative users to elevate privileges.

n8n, a workflow automation tool, has also patched five critical vulnerabilities, including CVE-2026-42231 and CVE-2026-42232, which involve prototype pollution and remote code execution. Users are encouraged to update to the latest versions to safeguard against these threats.

Ongoing Patch Management Practices

Other major vendors, such as Adobe, Microsoft, and Google, have also been actively releasing security updates to address various vulnerabilities. These efforts underscore the importance of maintaining up-to-date software to protect against the ever-evolving threat landscape.

Staying informed and promptly applying security patches is crucial for organizations to defend against potential cyber threats. With the increasing complexity and frequency of attacks, continuous vigilance and timely updates remain essential components of robust cybersecurity strategies.

The Hacker News Tags:authentication bypass, Cybersecurity, Fortinet, Ivanti, n8n, Onapsis, patch management, privilege escalation, remote code execution, SAP, security updates, Software Security, SQL injection, VMware Fusion, Vulnerabilities

Post navigation

Previous Post: Malicious npm Packages Compromise Security
Next Post: OpenClaw Vulnerabilities Enable Sandbox Escape, Backdoor Access

Related Posts

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats The Hacker News
CISA Identifies Exploited Wing FTP Vulnerability CISA Identifies Exploited Wing FTP Vulnerability The Hacker News
Notepad++ Secures Update Process Against Malware Threat Notepad++ Secures Update Process Against Malware Threat The Hacker News
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks The Hacker News
Malicious Chrome Extension Compromises User Searches Malicious Chrome Extension Compromises User Searches The Hacker News
CISA Alerts on LiteSpeed Plugin Vulnerability CISA Alerts on LiteSpeed Plugin Vulnerability The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • India Cracks Down on Apps Disabling E-Rickshaws
  • Hackers Exploit SEO to Mislead AI with Malicious Codes
  • North Korea-Linked npm Packages Pose Threat to Developers
  • Urgent Update Advised for Apache ActiveMQ Vulnerabilities
  • Major Cybersecurity Incidents: Canadian Hacker, ATM Fraud

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • India Cracks Down on Apps Disabling E-Rickshaws
  • Hackers Exploit SEO to Mislead AI with Malicious Codes
  • North Korea-Linked npm Packages Pose Threat to Developers
  • Urgent Update Advised for Apache ActiveMQ Vulnerabilities
  • Major Cybersecurity Incidents: Canadian Hacker, ATM Fraud

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark