HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

Cisco Talos Discloses 18 New CVEs in WolfSSL, GeoVision, and VTK‑DICOM

Cisco Talos reported 18 new vulnerabilities affecting WolfSSL, GeoVision, and VTK‑DICOM, all of which have been patched. The breadth of flaws underscores the need for continuous control mapping and audit‑ready evidence in SOC 2 programs.

LiveThreat™ Intelligence · 📅 July 10, 2026· 📰 blog.talosintelligence.com
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
2 recommended
📰
Source
blog.talosintelligence.com

WolfSSL, GeoVision, and VTK-DICOM Vulnerabilities Disclosed by Cisco Talos

What Happened – Cisco Talos’ research team announced 18 new security flaws: two improper‑input‑validation bugs (CVE‑2026‑28739, CVE‑2026‑25106) and an integer‑underflow (CVE‑2026‑33091) in the WolfSSL TLS library; fourteen distinct issues across GeoVision products covering 37 CVEs (including memory corruption, command injection, buffer overflows, privilege escalation, XSS, and weak‑encryption flaws); and a single vulnerability in the VTK‑DICOM component of the Visualization Toolkit. All have been patched by the respective vendors.

Why It Matters for Compliance & Audit Readiness

  • These flaws illustrate why a SOC 2‑aligned program must maintain continuous control mapping: each vulnerability maps to security principles (e.g., CC6.1 – “The entity implements logical access security”) and must be tracked from discovery through remediation.
  • Evidence of timely patching and verification (e.g., Snort IDS rule updates, vendor patch receipts) serves as audit‑ready documentation for the “Change Management” and “Vulnerability Management” criteria of the SOC 2 Trust Services Criteria.
  • Leveraging a control‑mapping platform (Verisq’s Control Mapping capability) lets you automatically correlate CVE remediation to the relevant controls, generate continuous evidence, and demonstrate due diligence to auditors.

Who Is Affected – Organizations that embed WolfSSL in IoT/embedded devices, deploy GeoVision surveillance or access‑control solutions, or use VTK‑DICOM for medical imaging or scientific visualization. Typical sectors: technology/SaaS, manufacturing, healthcare, and government.

Recommended Actions

  • Map each CVE to the corresponding SOC 2 control (e.g., CC6.1, CC7.2) in your compliance repository.
  • Validate patch deployment across all affected assets; capture vendor patch notes and internal change‑management tickets as audit evidence.
  • Deploy or update IDS/IPS signatures (Snort rules) to detect any attempted exploitation while patches are applied.
  • Review your vulnerability‑management policy to ensure it mandates continuous monitoring of third‑party open‑source components.

Source: Cisco Talos – WolfSSL, GeoVision, VTK vulnerabilities

Technical Notes

  • WolfSSL: CVE‑2026‑28739 & CVE‑2026‑25106 (improper input validation), CVE‑2026‑33091 (integer underflow).
  • GeoVision: 14 advisories, 37 CVEs ranging from memory corruption (CVE‑2026‑12488) to OS command injection (CVE‑2026‑12486) and privilege escalation (CVE‑2026‑42368).
  • VTK‑DICOM: single vulnerability (details pending in the advisory).
  • All vendors have released patches; Talos provides Snort rule sets for detection.
📰 Original Source
https://blog.talosintelligence.com/wolfssl-vulnerabilities/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →