InfoSecBulletin Cybersecurity for mankind
Microsoft’s January 2026 updates address 114 vulnerabilities, including critical remote code execution bugs in Office apps and Windows services like LSASS.
This Patch Tuesday fixes critical vulnerabilities that allow remote code execution and several privilege escalation problems that could let attackers take over systems.
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
By infosecbulletin
/ Wednesday , June 10 2026
A security expert shared a new Microsoft Defender vulnerability called "RoguePlanet" only hours after Microsoft fixed two earlier problems in...
Read More
Microsoft June Patches 200 Vulnerabilities including 3 zero days
By infosecbulletin
/ Wednesday , June 10 2026
Microsoft's June 2026 Patch Tuesday updates fix about 200 security flaws found in the company's products. None of the flaws fixed...
Read More
World’s first wind power underwater data center is now live
By infosecbulletin
/ Tuesday , June 9 2026
The first business underwater data center run by offshore wind has started working near Shanghai. Submerged 10 metres under the...
Read More
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts
By infosecbulletin
/ Tuesday , June 9 2026
Broadcom has revealed three stored cross-site scripting (XSS) flaws that affect VMware Cloud Foundation Operations and some other products. They...
Read More
CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the WildÂ
By infosecbulletin
/ Tuesday , June 9 2026
Check Point Research found that CVE-2026-50751, a serious flaw in Check Point Remote Access VPN and Mobile Access, is being...
Read More
AI-designed First ‘universal vaccine’ tested in humans
By infosecbulletin
/ Monday , June 8 2026
AI helped to make a new kind of vaccine that can protect people from many types of viruses and stop...
Read More
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%
By infosecbulletin
/ Sunday , June 7 2026
The world's first prefabricated computing power center base officially began operation on Saturday in Qingdao City, east China's Shandong Province,...
Read More
Hacker now exploits recently patched SolarWinds Serv-U flaw
By infosecbulletin
/ Saturday , June 6 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that hackers are using a newly fixed serious SolarWinds Serv-U...
Read More
Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass
By infosecbulletin
/ Friday , June 5 2026
Trend Micro’s Deep Security Agent for Linux has a design flaw. This issue lets a local attacker, who does not...
Read More
Ransomware Crisis Deepens: 4,089 Victims Hit Across 121 Countries in 2026
By infosecbulletin
/ Friday , June 5 2026
According to the latest ransomware numbers from 2026, cybercrime is still a big worry worldwide. In 2026, 4,089 groups have...
Read More
The number of bugs in each vulnerability category is listed below:
| Vulnerability Type | Count |
|---|---|
| Remote Code Execution | 22 |
| Denial of Service | 2 |
| Elevation of Privilege | 57 |
| Information Disclosure | 22 |
| Security Feature Bypass | 3 |
| Spoofing | 5 |
| Tampering | 3 |
| Total | 114 |
Zero-Day Vulnerabilities:
CVE-2026-20805 has high-severity flaws in Desktop Windows Manager that can expose information. CVE-2026-21265 relates to digital media handling that can lead to privilege escalation, often used in chained attacks. CVE-2023-31096 seems to be a backported or related fix included in cumulative updates.
| CVE ID | Component | Type | Severity | Key Notes |
|---|---|---|---|---|
| CVE-2026-20805 | Desktop Windows Manager | Information Disclosure | Important (High per Check Point) | Allows unauthorized access to sensitive data; patched January 13, 2026 ​ |
| CVE-2026-21265 | Windows Digital Media | Elevation of Privilege | Not specified | Enables local privilege escalation ​ |
| CVE-2023-31096 | Unknown (legacy) | Zero-day (contextual) | Not specified | Included in January 2026 updates despite earlier assignment |
Click here for the full list.
