【Vulnerability Alert】CISA Added 6 Known Exploited Vulnerabilities to the KEV Catalog (2026/06/22–2026/06/28)
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026062903065555 | Publication Time | 2026-06-29 15:28:56 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026-06-29 15:28:56 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】CISA Added 6 Known Exploited Vulnerabilities to the KEV Catalog (2026/06/22–2026/06/28) |
|||
| [Content]
Forwarded from TWCERTCC Security Advisory TWCERTCC-200-202606-00000018 【CVE-2025-67038】Lantronix EDS5000 Code Injection Vulnerability (CVSS v3.1: 9.8) 【CVE-2026-34910】Ubiquiti UniFi OS Improper Input Validation Vulnerability (CVSS v3.1: 10.0) 【CVE-2026-34909】Ubiquiti UniFi OS Path Traversal Vulnerability (CVSS v3.1: 10.0) 【CVE-2026-34908】Ubiquiti UniFi OS Improper Access Control Vulnerability (CVSS v3.1: 10.0) 【CVE-2026-12569】PTC Windchill and FlexPLM Improper Input Validation Vulnerability (CVSS v3.1: 9.8) 【CVE-2026-20230】Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability (CVSS v3.1: 8.6) Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed) |
|||
| [Affected Platform]
【CVE-2025-67038】Please refer to the affected versions listed by the official source https://www.lantronix.com/technical-support/security-updates/vulnerability-disclosure-policy/vulnerability-library/cve-2025-67038-eds-5000-eds-3000/?_gl=1*11k48gn*_up*MQ..*_ga*NzY1MzgwNjcxLjE3ODI2OTc0Nzg.*_ga_M2G6RLT5L3*czE3ODI2OTc0NzckbzEkZzEkdDE3ODI2OTc1NTckajYwJGwwJGgw 【CVE-2026-34910】Please refer to the affected versions listed by the official source https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b 【CVE-2026-34909】Please refer to the affected versions listed by the official source https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b 【CVE-2026-34908】Please refer to the affected versions listed by the official source https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b 【CVE-2026-12569】Please refer to the affected versions listed by the official source https://www.ptc.com/en/support/article/CS473270 【CVE-2026-20230】Please refer to the affected versions listed by the official source https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW |
|||
|
[Recommended Actions] 【CVE-2025-67038】The official source has released a fix update for the vulnerability. Please update to the relevant version https://www.lantronix.com/technical-support/security-updates/vulnerability-disclosure-policy/vulnerability-library/cve-2025-67038-eds-5000-eds-3000/?_gl=1*11k48gn*_up*MQ..*_ga*NzY1MzgwNjcxLjE3ODI2OTc0Nzg.*_ga_M2G6RLT5L3*czE3ODI2OTc0NzckbzEkZzEkdDE3ODI2OTc1NTckajYwJGwwJGgw 【CVE-2026-34910】The official source has released a fix update for the vulnerability. Please update to the relevant version https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b 【CVE-2026-34909】The official source has released a fix update for the vulnerability. Please update to the relevant version https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b 【CVE-2026-34908】The official source has released a fix update for the vulnerability. Please update to the relevant version https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b 【CVE-2026-12569】The official source has released a fix update for the vulnerability. Please update to the relevant version https://www.ptc.com/en/support/article/CS473270 【CVE-2026-20230】The official source has released a fix update for the vulnerability. Please update to the relevant version |
|||
|
[Reference] |
|||
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw





