Hewlett Packard Enterprise (HPE) security patch release for CVE-2026-23813
Security Patch Release
Summary
Hide ▲
Show ▼
HPE released security updates for Aruba Networking AOS-CX, closing multiple vulnerabilities including authentication and code execution issues on CX-series campus and data center switches. The highest-severity issue is CVE-2026-23813, a critical authentication bypass in the web-based management interface that could let an unauthenticated remote actor reset admin passwords. HPE says it is not aware of public exploit code or abuse in the wild, but administrators can apply temporary mitigations until patches are deployed.
Related Happenings
Kandji security patch release for CVE-2026-39118
Security Patch Release
H score17
First: 25.06.2026 14:00
Last: 25.06.2026 14:00
Sources 1
About this happening:
Kandji fixed its **MDM agent** on **macOS** and assigned **CVE-2026-39118** after validation showed a trust issue that could let a standard user disable enterprise security contro...
Kandji security patch release for CVE-2026-39118
Security Patch ReleaseAbout this happening: Kandji fixed its **MDM agent** on **macOS** and assigned **CVE-2026-39118** after validation showed a trust issue that could let a standard user disable enterprise security contro...
JCE Pro 2.9.99.6 patch for CVE-2026-48907
Security Patch Release
H score46
First: 17.06.2026 13:09
Last: 17.06.2026 13:09
Sources 1
About this happening:
**JCE security team** released **JCE Pro 2.9.99.6** in **early June 2026** to fix **CVE-2026-48907** in the **Widget Factory Joomla Content Editor (JCE) plugin**. The update addre...
JCE Pro 2.9.99.6 patch for CVE-2026-48907
Security Patch ReleaseAbout this happening: **JCE security team** released **JCE Pro 2.9.99.6** in **early June 2026** to fix **CVE-2026-48907** in the **Widget Factory Joomla Content Editor (JCE) plugin**. The update addre...
SimpleHelp security update for CVE-2026-48558
Security Patch Release
H score65
First: 15.06.2026 23:06
Last: 15.06.2026 23:06
Sources 1
About this happening:
**SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SimpleHelp security update for CVE-2026-48558
Security Patch ReleaseAbout this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
Check Point security patch release for CVE-2026-50751
Security Patch Release
H score48
First: 08.06.2026 16:05
Last: 08.06.2026 16:05
Sources 1
About this happening:
**Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Check Point security patch release for CVE-2026-50751
Security Patch ReleaseAbout this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/Mitigation
H score52
First: 06.06.2026 11:14
Last: 06.06.2026 11:14
Sources 1
About this happening:
**SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
SolarWinds Serv-U advisory and mitigations for CVE-2026-28318
Advisory/MitigationAbout this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...
Timeline
-
10.03.2026 19:30 2 articles · 4mo ago
HPE patches Aruba AOS-CX authentication bypass
Mitigation Patch UpdateHewlett Packard Enterprise (HPE) releases security updates for Aruba Networking AOS-CX on CX-series campus and data center switch devices, fixing multiple vulnerabilities that include CVE-2026-23813, a critical authentication bypass in the web-based management interface that could let an unauthenticated remote actor bypass authentication and, in some cases, reset admin passwords. HPE also provides temporary mitigations that restrict management traffic, disable unnecessary HTTP(S) interfaces, and enforce Control Plane Access Control Lists (ACLs) while patches are deployed.
Show sources
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30
-
10.03.2026 19:30 1 articles · 4mo ago
HPE says no public exploit code targets Aruba AOS-CX flaws
Technical Analysis UpdateHPE states that it is not aware of any public discussion or exploit code targeting these specific vulnerabilities as of the advisory release date, and says it has not found publicly available proof-of-concept code or evidence that attackers are abusing the vulnerabilities in the wild.
Show sources
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30