Bastion Codex – Weekly Defender Brief (2026-06-15)
This weekly defender brief summarizes vulnerability movement observed over the past 7 and 30 days.
The goal is simple: highlight signal that matters to frontline defenders — patch workload pressure, severity shifts, and KEV movement.
Bastion Codex – Weekly Defender Brief
Week of 2026-06-15
Executive Snapshot
- 1952 CVEs observed in the last 7 days
- 164 Critical
- 814 High
- 8 KEV-listed vulnerabilities in last 30 days
Week-over-Week Movement
- Total CVEs: 1952 (from 0 to 1952, n/a)
- Critical: 164 (from 0 to 164, n/a)
- High: 814 (from 0 to 814, n/a)
- Medium: 655 (from 0 to 655, n/a)
- Low: 50 (from 0 to 50, n/a)
- Unknown: 269 (from 0 to 269, n/a)
Defender Takeaways
- Elevated volume of Critical vulnerabilities this week. Prioritize external-facing asset review.
- Recently added KEV vulnerabilities detected. Review CISA remediation timelines.
- High severity volume suggests increased patch workload. Focus on internet-exposed services first.
Severity Breakdown (7 Days)
- Critical: 164
- High: 814
- Medium: 655
- Low: 50
- Unknown: 269
Top Vendors (30 Days)
- Cisco: 2
- Arista: 1
- Check Point: 1
- Google: 1
- Ivanti: 1
- LiteSpeed: 1
- Oracle: 1
Top Products (30 Days)
- Catalyst SD-WAN Manager: 2
- Chromium V8: 1
- Extensible Operating System: 1
- PeopleSoft Enterprise PeopleTools: 1
- Security Gateway: 1
- Sentry: 1
- cPanel Plugin: 1
Priority Watchlist (Top 10)
- CVE-2026-10520 | CVSS: 10.0 | KEV: True | An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user
- CVE-2018-1273 | CVSS: 9.8 | KEV: True | Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerabilit
- CVE-2025-59718 | CVSS: 9.8 | KEV: True | A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, Forti
- CVE-2026-24858 | CVSS: 9.8 | KEV: True | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.
- CVE-2026-35273 | CVSS: 9.8 | KEV: True | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported v
- CVE-2026-50751 | CVSS: 9.3 | KEV: True | A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated r
- CVE-2026-0257 | CVSS: 9.1 | KEV: True | Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to
- CVE-2026-42271 | CVSS: 8.8 | KEV: True | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7, two endp
- CVE-2026-11645 | CVSS: 8.8 | KEV: True | Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a san
- CVE-2026-54420 | CVSS: 8.5 | KEV: True | LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP
Generated via Bastion Codex pipeline at 2026-06-15T22:29:19.191053+00:00