Find notable cyber news and cases, enriched with sources, timelines, and signals.

Hewlett Packard Enterprise (HPE) security patch release for CVE-2026-23813

Security Patch Release
First reported
Last updated
Happening score
H score 69
1 unique sources, 1 articles

Summary

Hide ▲

HPE released security updates for Aruba Networking AOS-CX, closing multiple vulnerabilities including authentication and code execution issues on CX-series campus and data center switches. The highest-severity issue is CVE-2026-23813, a critical authentication bypass in the web-based management interface that could let an unauthenticated remote actor reset admin passwords. HPE says it is not aware of public exploit code or abuse in the wild, but administrators can apply temporary mitigations until patches are deployed.

Related Happenings

Kandji security patch release for CVE-2026-39118

Security Patch Release
H score17 First: 25.06.2026 14:00 Last: 25.06.2026 14:00 Sources 1

About this happening: Kandji fixed its **MDM agent** on **macOS** and assigned **CVE-2026-39118** after validation showed a trust issue that could let a standard user disable enterprise security contro...

JCE Pro 2.9.99.6 patch for CVE-2026-48907

Security Patch Release
H score46 First: 17.06.2026 13:09 Last: 17.06.2026 13:09 Sources 1

About this happening: **JCE security team** released **JCE Pro 2.9.99.6** in **early June 2026** to fix **CVE-2026-48907** in the **Widget Factory Joomla Content Editor (JCE) plugin**. The update addre...

SimpleHelp security update for CVE-2026-48558

Security Patch Release
H score65 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...

Check Point security patch release for CVE-2026-50751

Security Patch Release
H score48 First: 08.06.2026 16:05 Last: 08.06.2026 16:05 Sources 1

About this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...

SolarWinds Serv-U advisory and mitigations for CVE-2026-28318

Advisory/Mitigation
H score52 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...

Timeline

  1. 10.03.2026 19:30 2 articles · 4mo ago

    HPE patches Aruba AOS-CX authentication bypass

    Mitigation Patch Update

    Hewlett Packard Enterprise (HPE) releases security updates for Aruba Networking AOS-CX on CX-series campus and data center switch devices, fixing multiple vulnerabilities that include CVE-2026-23813, a critical authentication bypass in the web-based management interface that could let an unauthenticated remote actor bypass authentication and, in some cases, reset admin passwords. HPE also provides temporary mitigations that restrict management traffic, disable unnecessary HTTP(S) interfaces, and enforce Control Plane Access Control Lists (ACLs) while patches are deployed.

    Show sources
  2. 10.03.2026 19:30 1 articles · 4mo ago

    HPE says no public exploit code targets Aruba AOS-CX flaws

    Technical Analysis Update

    HPE states that it is not aware of any public discussion or exploit code targeting these specific vulnerabilities as of the advisory release date, and says it has not found publicly available proof-of-concept code or evidence that attackers are abusing the vulnerabilities in the wild.

    Show sources