Critical Vulnerabilities and Exploits Targeting Cisco, Canvas, and Microsoft Systems

Critical Vulnerabilities and Exploits Targeting Cisco, Canvas, and Microsoft Systems

First seen 15 May 2026, 22:53 UTC Scworld 100% similarity 72.9

Article Content

Browse articles
ThreatCluster

A series of critical vulnerabilities have emerged, including CVE-2026-20182, which allows unauthenticated attackers to gain admin access to Cisco Catalyst SD-WAN Controllers. ShinyHunters defaced the Canvas LMS login page, claiming to have 275 million records from around 9,000 educational institutions. An XSS flaw in on-prem Exchange is being exploited via crafted emails, affecting Outlook Web Access users. Two unpatched Windows zero-days have been disclosed, including YellowKey, which bypasses BitLocker encryption, and GreenPlasma, which escalates privileges. Additionally, malicious npm package updates have compromised OpenAI employee laptops, exposing limited internal credentials. Microsoft has addressed 118 vulnerabilities, but no emergency patches were issued this month. The time-to-exploit for vulnerabilities in AI infrastructure is now effectively zero, highlighting the urgency for immediate action.

Key Points: • CVE-2026-20182 allows unauthenticated admin access on Cisco devices, with active exploitation reported. • Canvas LMS was defaced by ShinyHunters, claiming to possess 275 million records from educational institutions. • Critical XSS vulnerabilities in Microsoft Exchange are being actively exploited through crafted emails.

ThreatCluster AI

Timeline

2026-05-14
CVE-2026-20182 published
A max-severity authentication bypass for Cisco Catalyst SD-WAN Controllers was disclosed.
Scworld
2026-05-14
CVE-2026-20182 added to CISA KEV
CISA included CVE-2026-20182 in its Known Exploited Vulnerabilities catalog due to active exploitation.
Scworld
2026-05-15
Canvas LMS defaced
ShinyHunters defaced the Canvas LMS login page, claiming access to 275 million records from 9,000 institutions.
Scworld
2026-05-15
XSS flaw in Exchange exploited
An XSS vulnerability in on-prem Exchange is being exploited via crafted emails, affecting OWA users.
Scworld
2026-05-15
Two unpatched Windows zero-days disclosed
Anonymous researcher revealed YellowKey and GreenPlasma, both of which have no fixes available yet.
Scworld

Community

Browse all →