The Zero-Day Dispatch: Weekly Threat Intelligence Briefing (May 18 – May 24, 2026)

Weekly briefing (May 18–24, 2026) reporting 1,134 new vulnerabilities with 114 critical disclosures and nine vulnerabilities observed in active exploitation; notable issues include a CVSS 10.0 privilege escalation in the LiteSpeed cPanel plugin (CVE-2026-48172), a critical Drupal SQL injection (CVE-2026-9082), a Ghost CMS data exposure (CVE-2026-26980), hard-coded credentials in Four-Faith routers (CVE-2024-9643), an NGINX rewrite-module flaw (CVE-2026-42945), and a recurring VM2 sandbox escape (CVE-2026-47208), plus CISA KEV additions that include legacy 2008–2010 vulnerabilities; defenders are urged to patch immediately, isolate or decommission legacy systems, and audit edge devices.