Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

ConnectWise Automate security update (CVE-2025-11492, CVE-2025-11493)

Security Patch Release
First reported
Last updated
Happening score
H score 36
2 unique sources, 2 articles

Summary

Hide ▲

ConnectWise released a security update for Automate after fixing CVE-2025-11492 and CVE-2025-11493, closing flaws that could let attackers intercept or tamper with sensitive communications and update traffic. Cloud instances were already updated to Automate 2025.9, while on-prem deployments were told to install the new release as soon as possible. The bulletin did not mention active exploitation, but it warned the issues have a higher risk of being targeted by exploits in the wild.

Related Happenings

Splunk Enterprise security update for CVE-2026-20253

Security Patch Release
H score42 First: 13.06.2026 16:23 Last: 13.06.2026 16:23 Sources 1

About this happening: **Splunk** released **security updates** for **CVE-2026-20253**, fixing a critical **Splunk Enterprise** flaw that could enable unauthenticated file operations and **remote code e...

Open Happening

Redis security patch release for CVE-2026-23479

Security Patch Release
H score24 First: 03.06.2026 16:47 Last: 03.06.2026 16:47 Sources 1

About this happening: **Redis** released patched minor versions on **May 5** to fix **CVE-2026-23479**, a **use-after-free** in **blocking-client code** that can lead to **arbitrary OS command executio...

Open Happening

Drupal core security update for CVE-2026-9082

Security Patch Release
H score74 First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
H score45 First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
H score55 First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Open Happening

Timeline

  1. 17.10.2025 22:29 3 articles · 8mo ago

    ConnectWise releases Automate security update

    Mitigation Patch Update

    ConnectWise released a security update for ConnectWise Automate to fix CVE-2025-11492 (9.6) and CVE-2025-11493 (8.8), reducing risk that agents configured for HTTP instead of HTTPS could expose commands, credentials, and update payloads to adversary-in-the-middle (AitM) interception or modification. The update also addressed missing checksum or digital-signature integrity verification for update packages and integrations, with cloud-based instances moved to Automate 2025.9 and on-premise administrators told to install the new release as soon as possible.

    Show sources
    Open in new tab