Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Zoom security patch release for CVE-2026-22844

Security Patch Release
First reported
Last updated
Happening score
H score 27
1 unique sources, 1 articles

Summary

Hide ▲

Zoom and GitLab released security updates on 2026-01-21 to fix flaws that could lead to remote code execution, denial-of-service, and 2FA bypass across Zoom Node MMRs and GitLab CE/EE. Zoom's most severe fix is CVE-2026-22844, a 9.9 CVSS command-injection flaw in Zoom Node Multimedia Routers (MMRs) before 5.2.1716.0. GitLab also patched multiple CE/EE vulnerabilities, including CVE-2025-13927, CVE-2025-13928, and CVE-2026-0723. Customers were told to update Zoom Node MMRs and apply the fixed GitLab releases to reduce exposure.

Related Happenings

NGINX rewrite-rule workaround for CVE-2026-42945

Advisory/Mitigation
First: 14.05.2026 18:43 Last: 14.05.2026 18:43 Sources 1

About this happening: **F5** issued a **workaround** for vulnerable **NGINX rewrite rules**, reducing exposure to **CVE-2026-42945** for operators who cannot upgrade immediately. The guidance replaces...

Open Happening

Exim security patch release for CVE-2026-45185

Security Patch Release
First: 13.05.2026 23:23 Last: 13.05.2026 23:23 Sources 1

About this happening: **Exim** released **version 4.99.3** to fix **CVE-2026-45185**, closing a **remote-code-execution risk** in affected mail servers. The patch applies to **Exim versions before 4.99...

Open Happening

Nginx-ui 2.3.4 patch for CVE-2026-33032

Security Patch Release
First: 15.04.2026 16:00 Last: 15.04.2026 16:00 Sources 1

About this happening: **nginx-ui maintainers** shipped **version 2.3.4** to fix **CVE-2026-33032**, closing a critical security gap for **MCP-enabled** deployments. The patch matters because the flaw c...

Latest development: 15.04.2026 17:45

After Pluto Security disclosed the issue in **March 2026**, the maintainers shipped **version 2.3.4** to address **CVE-2026-33032**. The patch closed the vulnerability in the product's **AI (MCP) integration** before broader exploitation details were reported.

Open Happening

Apache ActiveMQ Classic CVE-2026-34197 patch release

Security Patch Release
First: 08.04.2026 12:15 Last: 08.04.2026 12:15 Sources 1

About this happening: **Apache ActiveMQ Classic** patched **CVE-2026-34197**, a **remote code execution** flaw that lets an attacker abuse the **Jolokia API** to run OS commands. Users running the brok...

Open Happening

CISA orders FCEB GitLab patching under BOD 22-01

Public Sector Action
First: 04.02.2026 17:42 Last: 04.02.2026 17:42 Sources 1

About this happening: **CISA** ordered **FCEB agencies** to patch **GitLab CE/EE** against **CVE-2021-39935**, forcing remediation of an **actively exploited SSRF flaw** within **three weeks**. The dea...

Open Happening

Timeline

  1. 21.01.2026 17:42 2 articles · 4mo ago

    Zoom and GitLab release security updates for multiple flaws

    Mitigation Patch Update

    Zoom releases a patch for CVE-2026-22844 in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0, and GitLab releases fixes for Community Edition (CE) and Enterprise Edition (EE) flaws including CVE-2025-13927, CVE-2025-13928, CVE-2026-0723, CVE-2025-13335, and CVE-2026-1102. The affected issues can lead to remote code execution, denial-of-service (DoS), or a bypass of two-factor authentication (2FA), and Zoom advises customers using Zoom Node Meetings, Hybrid, or Meeting Connector deployments to update to the latest available MMR version.

    Show sources
    Open in new tab