Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026070805075353 | Publication Time | 2026-07-08 17:16:54 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026-07-08 17:16:54 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】CISA Added 2 Known Exploited Vulnerabilities to the KEV Catalog (2026/06/29-2026/07/05) |
|||
| [Content]
Forwarded from TWCERTCC Cybersecurity Alert TWCERTCC-200-202607-00000003 【CVE-2026-48558】SimpleHelp Authentication Bypass Vulnerability (CVSS v3.1: 10.0) 【CVE-2026-45659】Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 8.8) Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed) |
|||
| [Affected Platform]
【CVE-2026-48558】Please refer to the affected versions listed by the official vendor https://simple-help.com/security/simplehelp-security-update-2026-05 【CVE-2026-45659】Please refer to the affected versions listed by the official vendor https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 |
|||
|
[Recommended Actions] 【CVE-2026-48558】The official vendor has released a remediation update for the vulnerability. Please update to the relevant version https://simple-help.com/security/simplehelp-security-update-2026-05 【CVE-2026-45659】The official vendor has released a remediation update for the vulnerability. Please update to the relevant version https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 |
|||
|
[Reference] |
|||