Deep Security Center

RULE UPDATE: 26-034 (July 14, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Oracle E-Business Suite Web Interface
1012600 - Oracle E-Business Suite Payments Authentication Bypass Vulnerability (CVE-2026-46817)


Web Server Common
1012590 - Apache Ofbiz Code Injection Vulnerability (CVE-2026-46586)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-033 (July 9, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Server HTTPS
1012598 - ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability (CVE-2026-9775)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-032 (July 7, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Splunk Enterprise
1012595 - Splunk Enterprise Authentication Bypass Vulnerability (CVE-2026-20253)


Web Application PHP Based
1012574* - WordPress 'StoryChief' Plugin Unauthenticated RCE (CVE-2025-7441)


Web Server HTTPS
1012597 - Allegra Directory Traversal Information Disclosure Vulnerability (CVE-2026-11442)


Web Server Miscellaneous
1012572* - Adobe Commerce Improper Input Validation (CVE-2025-54236)
1012579* - Crawl4AI Hooks Code Execution Vulnerability (CVE-2026-26216)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-031 (June 30, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Oracle PeopleSoft PIA
1012585* - Oracle PeopleSoft Untrusted Data Deserialization Vulnerability (ZDI-CAN-31817)


Web Server Common
1012596 - Microsoft Exchange Server HTTP NTLM Password Spray


Web Server HTTPS
1012575 - WordPress 'Starter Templates' Plugin real_mimes Arbitrary File Upload (CVE-2025-13065)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-030 (June 25, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

OfficeScan
1012561* - Apex One Management Console Multiple Directory Traversal Vulnerabilities (CVE-2025-71210 & CVE-2025-71211)


Web Server Common
1012594 - CMS Made Simple News Module SQL Injection Vulnerability (CVE-2019-9053)


Web Server HTTPS
1012593 - Progress Software Kemp LoadMaster (CVE-2026-8037)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-029 (June 23, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Server Common
1012589 - Control Web Panel Command Injection Vulnerability (CVE-2025-67888)
1012578 - Fuxa Path Traversal Vulnerability (CVE-2026-25895)
1012559* - Microsoft Windows LNK Spoofing Vulnerability (CVE-2026-32202)


Web Server HTTPS
1012592 - Allegra Cross-Site Scripting Authentication Bypass Vulnerability(CVE-2026-11443)
1012588 - Drupal Core SQL Injection Vulnerability (CVE-2026-9082)


Web Server Miscellaneous
1012398* - XWiki SQL Injection Vulnerability (CVE-2025-32969)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-028 (June 18, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Server HTTPS
1012586 - Apache HTTP Server Remote Code Execution Vulnerability (CVE-2026-23918)
1012587 - IceWarp Path Traversal (CVE-2026-2493)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-027 (June 16, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Git Push
1012584 - GitHub Enterprise Server Command Injection Vulnerability (CVE-2026-3854)


Oracle PeopleSoft PIA
1012580* - Oracle PeopleSoft PeopleTools SSRF Vulnerability (CVE-2026-35273)
1012585 - Oracle PeopleSoft Untrusted Data Deserialization Vulnerability (ZDI-CAN-31817)


Web Server Common
1012560* - Zhiyuan OA platform Arbitrary File Upload Vulnerability (CVE-2025-34040)


Web Server HTTPS
1012583 - Netsweeper WebAdmin Portal Remote Code Execution Vulnerability (CVE-2020-13167)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-026 (June 11, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

ActiveMQ OpenWire
1012565 - Apache ActiveMQ Improper Input Validation Vulnerability (CVE-2026-34197)


Mail Server Common
1012562* - Microsoft Word Remote Code Execution Vulnerability (CVE-2026-40364)


Web Server Common
1012582 - Taiga Insecure Deserialization Vulnerability (CVE-2025-62368)


Web Server IIS
1012581 - HTTP.sys Denial of Service Vulnerability (CVE-2026-49160)


Web Server Miscellaneous
1012579 - Crawl4AI Hooks Code Execution Vulnerability (CVE-2026-26216)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 26-025 (June 9, 2026)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Apache Nifi
1012576 - Apache NiFi Remote Code Execution Vulnerability (CVE-2023-34468)


GhostCMS
1012577 - Ghost CMS SQL Injection Vulnerability (CVE-2026-26980)


Oracle PeopleSoft PIA
1012580 - Oracle PeopleSoft PeopleTools SSRF Vulnerability


Web Application Common
1012573 - Apache Nifi Missing Authorization Vulnerability (CVE-2026-39816)


Web Application PHP Based
1012574 - WordPress 'StoryChief' Plugin Unauthenticated RCE (CVE-2025-7441)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.