Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

Ivanti, Fortinet, SAP, Broadcom, and n8n released security fixes on 2026-05-18 for flaws that could enable authentication bypass, remote code execution, SQL injection, and privilege escalation. The roundup includes Ivanti Xtraction CVE-2026-8043, FortiAuthenticator/FortiSandbox vulnerabilities, SAP S/4HANA and SAP Commerce cloud issues, VMware Fusion CVE-2026-41702, and five n8n vulnerabilities. Fixes landed in versions including 2026.2, 6.5.7/6.6.9/8.0.3, 4.4.9/5.0.2/5.0.6, 26H1, and 1.123.32/1.123.43.

Related Happenings

Pretalx version 2026.1.0 security update for CVE-2026-41241

Security Patch Release
First: 27.05.2026 17:30 Last: 27.05.2026 17:30 Sources 1

About this happening: **Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...

Open Happening

Drupal core security update for CVE-2026-9082

Security Patch Release
First: 22.05.2026 16:14 Last: 22.05.2026 16:14 Sources 1

About this happening: **Drupal** released security updates for **CVE-2026-9082**, a highly critical SQL injection flaw affecting **PostgreSQL**-backed sites, and urged administrators to **upgrade immed...

Open Happening

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Open Happening

NGINX rewrite-rule workaround for CVE-2026-42945

Advisory/Mitigation
First: 14.05.2026 18:43 Last: 14.05.2026 18:43 Sources 1

About this happening: **F5** issued a **workaround** for vulnerable **NGINX rewrite rules**, reducing exposure to **CVE-2026-42945** for operators who cannot upgrade immediately. The guidance replaces...

Open Happening

Linux distros patch release for Fragnasia (CVE-2026-46300)

Security Patch Release
First: 14.05.2026 10:34 Last: 14.05.2026 10:34 Sources 1

About this happening: Linux distros are rolling out **patches** for **CVE-2026-46300**, a high-severity kernel flaw that can let unprivileged local attackers gain **root** on vulnerable Linux systems....

Open Happening

Timeline

  1. 18.05.2026 13:54 2 articles · 9d ago

    Multi-vendor security fixes for Ivanti, Fortinet, SAP, Broadcom, and n8n

    Initial Disclosure

    Ivanti, Fortinet, SAP, Broadcom, and n8n released security fixes for vulnerabilities that could enable authentication bypass, remote code execution, SQL injection, information disclosure, and local privilege escalation. The patched issues include CVE-2026-8043 in Ivanti Xtraction; CVE-2026-44277 in FortiAuthenticator; CVE-2026-26083 in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS; CVE-2026-34260 in SAP S/4HANA; CVE-2026-34263 in SAP Commerce cloud configuration; CVE-2026-41702 in VMware Fusion; and five n8n flaws affecting xml2js-based XML parsing, prototype pollution, workflow modification, and Git node CLI flag injection.

    Show sources
    Open in new tab