HomeIntelligenceBrief
BREACH BRIEF

Vulnerability Brief — June 03, 2026

6 items in DIGEST_VULN digest.

LiveThreat™ Intelligence · 📅 June 03, 2026

⚠️ LiveThreat Vulnerability Brief — Jun 03, 2026

📊 6 vulnerabilities & exploits tracked impacting the supply chain

━━━━━━━━━━━━━━━━━━━━━━

💥 Critical Kirki Plugin Flaw (CVE‑2026‑8206) Enables WordPress Admin Account Hijack

A privilege‑escalation vulnerability in the Kirki visual‑builder plugin (CVE‑2026‑8206) is being actively exploited to hijack WordPress admin accounts. The flaw…

🔗 https://www.livethreat.ai/intelligence/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts-28013

💥 High‑Severity Privilege‑Escalation in Android Framework (CVE‑2025‑48595) Actively Exploited – June 2026 Patch Update

Google’s June 2026 Android security bulletin patches 124 flaws, including CVE‑2025‑48595, a privilege‑escalation vulnerability in the Framework component that i…

🔗 https://www.livethreat.ai/intelligence/google-june-2026-android-update-patches-124-flaws-one-actively-exploited-27932

💥 Gamaredon Exploits WinRAR Path‑Traversal (CVE‑2025‑8088) to Deploy GammaWorm & GammaSteel Targeting Ukrainian Entities

Gamaredon is leveraging CVE‑2025‑8088 in WinRAR to drop the GammaPhish HTA payload, which installs the data‑theft worm GammaWorm and the lateral‑movement tool G…

🔗 https://www.livethreat.ai/intelligence/gamaredon-exploits-winrar-to-deliver-gammaworm-and-gammasteel-against-ukraine-27933

💥 Active Exploitation of Oracle WebLogic Server (CVE‑2024‑21182) Triggers CISA KEV Listing

Oracle WebLogic Server (CVE‑2024‑21182) is now listed in the CISA Known Exploited Vulnerabilities catalog, confirming active attacks. The unauthenticated RCE ca…

🔗 https://www.livethreat.ai/intelligence/oracle-weblogic-cve-2024-21182-added-to-kev-catalog-after-active-exploitation-27934

💥 Google Patches Critical Android Framework Zero‑Day in June 2026 Update

Google’s June 2026 Android security update patches a zero‑day framework vulnerability that was actively exploited, along with several critical system bugs. Ente…

🔗 https://www.livethreat.ai/intelligence/google-patches-android-zero-day-vulnerability-in-june-2026-security-update-27912

💥 Critical Remote Access Vulnerability in Oracle WebLogic Server (CVE‑2024‑21182) Added to CISA KEV Catalog

🔗 https://www.livethreat.ai/intelligence/u-s-cisa-adds-oracle-weblogic-flaw-to-its-known-exploited-vulnerabilities-catalog-28000

━━━━━━━━━━━━━━━━━━━━━━

🛡️ How many of your vendors are running these affected systems?

📖 View all → https://www.livethreat.ai/vulnerabilities

🔔 Follow LiveThreat for daily TPRM intelligence

#Cybersecurity #ThreatIntel #TPRM #InfoSec #VendorRisk #BreachWatch #DoNotBeLarry #VerisqAI #LiveThreat

Monitor Your Vendor Risk with LiveThreat™

Get automated breach alerts, security scorecards, and intelligence briefs when your vendors are compromised.

Start Free Trial → Learn About Scorecards
← All Intelligence Briefs Breach Watch Feed →