For sysadmins
You got handed the patch list. We do the triage.
Every morning the security team forwards a fresh KEV update and walks away. You’re the one who has to figure out what to do. PatchDayAlert reads the advisories first, calls each one, and lands in your inbox before standup.
You get the CVE triage cheat sheet, a one-page printable, in the welcome email. The weekly digest lands every Wednesday. Free, unsubscribe anytime.
What you get
- 01 Plain-English summary per CVE. What’s broken, who’s at risk, how to check, what to patch. No CVSS jargon dumps.
- 02 One verdict per item. Patch now, patch this week, track, or doesn’t apply. The verdict is the answer.
- 03 Exploited-in-wild flagged first. CISA KEV updates sit at the top of the digest in red, ahead of high-CVSS items nobody’s actually attacking.
- 04 Around four minutes to read. Short enough to clear before coffee. Long enough to be useful.
A sample of today’s digest
What today’s lead call looks like in your inbox.
A typical issue carries five to seven CVEs, one or two tagged Patch now, the rest sorted by urgency. The intro tells you the standout. The footer lists what didn’t make the cut.
An attacker can escalate privileges through the WebRender graphics component in Firefox and Thunderbird.
The call: Update Firefox to 152 (or ESR 140.12 / ESR 115.37) and Thunderbird to 152 (or ESR 140.12) through your package manager or Mozilla's update channel.
Recent issues you could have triaged in five minutes:
Firefox sandbox escape, a Dell RCE, and a Pacemaker crasher walk into your queue
CVE-2026-12289 lets attackers break out of Firefox/Thunderbird's WebRender sandbox (CVSS 8.8). Dell OpenManage and Pacemaker CIB also carry 8.6+ bugs, plus a command injection in Galaxy NG and a TLS bypass between Harvester and Rancher.
WordPress RCE at 9.8 unauthed, Defender privesc unpatched, OpenSSL nonce fail
A PHP Object Injection in a Salesforce/CF7 WordPress plugin needs no login and scores CVSS 9.8. Microsoft Defender's Malware Protection Engine has a local-to-SYSTEM escalation (CVSS 7.8) with no fix shipped yet. OpenSSL silently ignores IVs in AES-OCB mode, breaking encryption guarantees.
PeopleSoft takeover exploited in the wild, plus a 9.1 CMS forgery bug in OpenSSL
An unauthenticated PeopleSoft PeopleTools compromise (CVE-2026-35273) is already being exploited. Also: a CVSS 9.1 CMS AuthEnvelopedData forgery affecting OpenSSL, Node.js, and QEMU (CVE-2026-34182), a Zoom mobile privilege escalation, a public exploit for a Revo Uninstaller kernel driver, and a SQLite FTS5 heap overflow.
Get the cheat sheet and the digest
CVE triage for sysadmins in five minutes.
What to patch now. What can wait. What you can ignore.
- 01 The CVE triage cheat sheet, a one-page printable decision tree, in the welcome email.
- 02 The weekly digest, one email every Wednesday, around four minutes to read.
Free. Unsubscribe anytime.