logo

U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog

ID: 9d8c6925-77c2-5328-9af5-4e6ff3cff9ac

STIX ID: report--9d8c6925-77c2-5328-9af5-4e6ff3cff9ac

Feed Name: Security Affairs

Threat Score
90/100

Date Published: 2026-06-30

Date Updated: 2026-07-02

Author: Pierluigi Paganini

...
...

CISA added CVE-2026-48558, a critical (CVSS 10.0) SimpleHelp OIDC authentication-bypass flaw, to its Known Exploited Vulnerabilities catalog after researchers and responders observed active exploitation that can grant unauthenticated attackers technician-level access (sometimes bypassing MFA). The issue affects widely exposed SimpleHelp servers, has associated malware (TaskWeaver, Djinn Stealer), published IoCs, and carries high risk of lateral movement, data theft, and privileged compromise — agencies were ordered to remediate by July 2, 2026.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.