New Google vulnerability: Learn about zero-day CVE-2022-3075 in Chorme web browser  | Fix now >> 

The CyberRisk Summit on-demand: Watch the latest #CRS anytime, anywhere | Watch now  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

CVE-2022-26136 and CVE-2022-26137 – fixing the Atlassian vulnerabilities

Atlassian makes the headlines again. After the disclosure of Confluence’s Romote-code execution vulnerability (CVE-2022-26134), Atlassian has released multiple security advisories of critical vulnerabilities. Together with the CVE-2022-26138 announcement, an advisory for two vulnerabilities – CVE-2022-26136 and CVE-2022-26137 – was also released. While CVE-2022-26134 and CVE-2022-26138 affect only the Confluence app, these new CVEs affect multiple… Continue reading CVE-2022-26136 and CVE-2022-26137 – fixing the Atlassian vulnerabilities

How to fix CVE-2022-26138 in Atlassian

Atlassian is urging users to take action on a critical vulnerability found in its Questions for Confluence app – one of three major bugs announced last week.  With Confluence in use across millions of systems for project management and collaboration needs, a critical vulnerability in the product has the potential to cause huge damage if… Continue reading How to fix CVE-2022-26138 in Atlassian