Tag

#KEV

4 posts tagged #KEV.

Analysis · Jun 18, 2026 · Colten Anderson

Two Struts CVEs, one incomplete fix, and the enterprise Java visibility problem

CVE-2023-50164 and CVE-2024-53677 hit the same file upload component in Apache Struts, a year apart. The second arrived because the fix for the first didn't go far enough. The real exposure is organizations that don't know where Struts lives in their stack.
Analysis · May 17, 2026 · Colten Anderson

Three CitrixBleeds in 30 months is not a streak, it is a code surface

CVE-2026-3055 is the third pre-auth memory disclosure in NetScaler's authentication stack in 30 months. Citrix says they are unrelated. The endpoints, the class, and the exploitation tempo say otherwise.
Analysis · May 8, 2026 · Colten Anderson

Five critical Fortinet CVEs in 28 months is not a streak of bad luck

Three heap overflows, two auth bypasses, all pre-auth, all ransomware-linked. The pattern in FortiOS and FortiProxy is structural, and patching alone has not been enough to remove attacker access.
Analysis · May 6, 2026 · Colten Anderson

CrushFTP chose the narrative over its customers

CrushFTP tried to keep a CVSS 9.8 auth bypass quiet. The disclosure mess that followed, two CVEs, public PoC code, and CEO threats, helped attackers move faster.