Microsoft’s April 2026 Patch Tuesday delivers a heavy set of fixes: 168 vulnerabilities across Windows, Office, Azure components and developer tools. The release includes one confirmed actively exploited zero-day in SharePoint Server (CVE-2026-32201) and a publicly disclosed elevation-of-privilege flaw in Microsoft Defender (CVE-2026-33825). Beyond those high-visibility issues, eight vulnerabilities are rated Critical — most of them Remote Code Execution (RCE)
Tag: vulnerability management
Urgent Patching Required: Multiple VMware Aria Vulnerabilities Enable Remote Code Execution and Privilege Escalation
VMware’s Aria Operations — a cornerstone for many organizations’ cloud and infrastructure management — was thrust into the spotlight this week after Broadcom published VMSA-2026-0001, detailing three significant vulnerabilities. These flaws range from command injection that can lead to full remote code execution, to stored cross-site scripting that enables administrative actions, and a privilege escalation path from vCenter to Aria