U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
ID: 9d8c6925-77c2-5328-9af5-4e6ff3cff9ac
STIX ID: report--9d8c6925-77c2-5328-9af5-4e6ff3cff9ac
Feed Name: Security Affairs
CISA added CVE-2026-48558, a critical (CVSS 10.0) SimpleHelp OIDC authentication-bypass flaw, to its Known Exploited Vulnerabilities catalog after researchers and responders observed active exploitation that can grant unauthenticated attackers technician-level access (sometimes bypassing MFA). The issue affects widely exposed SimpleHelp servers, has associated malware (TaskWeaver, Djinn Stealer), published IoCs, and carries high risk of lateral movement, data theft, and privileged compromise — agencies were ordered to remediate by July 2, 2026.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
