Vulncast · Briefing archive

Daily Brief - 2026-07-01

5 vulnerabilities · 7 min listen


CVE-2026-10109

critical · CVSS 9.8 · IBM Db2

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4, are vulnerable to remote code execution due to improper handling of the pre-authentication DRDA handshake.

  • Remote Code Execution
  • database
  • drda protocol

CVE-2026-14044

Google Chrome

Use after free in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

  • Use-After-Free
  • Sandbox Escape
  • web browser

CVE-2026-48315

critical · CVSS 9.3 · Adobe ColdFusion

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.

  • Improper Input Validation
  • Remote Code Execution
  • web application
  • coldfusion

CVE-2026-58138

critical · CVSS 9.8 · Orkes Conductor

Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to authentication. Attackers can exploit unsandboxed GraalVM evaluators configured with HostAccess.ALL or allowAllAccess(true) through INLINE, LAMBDA, DO_WHILE, and SWITCH task types to invoke arbitrary system commands via Java reflection or direct subprocess calls.

  • Remote Code Execution
  • Arbitrary Code Execution
  • web application
  • java
  • graalvm

CVE-2026-9132

GitHub Enterprise Server

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range and rendered the resulting diff without verifying that the requesting user was authorized to view the target repository. Exploitation required an authenticated account on the instance with read access to at least one repository to use as the comparison base. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.21 and was fixed in versions 3.17.17, 3.18.11, 3.19.8, and 3.20.4. This vulnerability was reported via the GitHub Bug Bounty program.

  • Broken Access Control
  • Information Disclosure
  • web application