Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apache Nifi
1012576 - Apache NiFi Remote Code Execution Vulnerability (CVE-2023-34468)
GhostCMS
1012577 - Ghost CMS SQL Injection Vulnerability (CVE-2026-26980)
Oracle PeopleSoft PIA
1012580 - Oracle PeopleSoft PeopleTools SSRF Vulnerability
Web Application Common
1012573 - Apache Nifi Missing Authorization Vulnerability (CVE-2026-39816)
Web Application PHP Based
1012574 - WordPress 'StoryChief' Plugin Unauthenticated RCE (CVE-2025-7441)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apache Nifi
1012576 - Apache NiFi Remote Code Execution Vulnerability (CVE-2023-34468)
GhostCMS
1012577 - Ghost CMS SQL Injection Vulnerability (CVE-2026-26980)
Oracle PeopleSoft PIA
1012580 - Oracle PeopleSoft PeopleTools SSRF Vulnerability
Web Application Common
1012573 - Apache Nifi Missing Authorization Vulnerability (CVE-2026-39816)
Web Application PHP Based
1012574 - WordPress 'StoryChief' Plugin Unauthenticated RCE (CVE-2025-7441)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
IRC Client Common
1012569 - Unrealircd Command Execution Vulnerability (CVE-2010-2075)
Langflow
1012551* - Langflow Remote Code Execution Vulnerability (CVE-2026-33017)
LiteLLM
1012558* - BerryAI LiteLLM SQL Injection Vulnerability (CVE-2026-42208)
OfficeScan
1002843* - OfficeScan 'cgiRecvFile.exe' Buffer Overflow
1010039* - OfficeScan Directory Traversal Vulnerability (CVE-2019-18187)
Owntone-Server
1012570* - Owntone-Server Recursive Buffer Overflow Vulnerability (CVE-2025-44560)
Solr Service
1012571 - Apache Solr Input Validation Vulnerability (CVE-2026-22444)
Trend Micro Control Manager
1004890* - Control Manager 'CmdProcessor.exe' Remote Code Execution Vulnerability
Web Server HTTPS
1012548 - WordPress 'Advanced Forms' Plugin Remote Code Execution Vulnerability (CVE-2025-13486)
1012566 - WordPress 'Ninja Forms' Plugin Arbitrary File Upload Vulnerability (CVE-2026-0740)
Web Server Miscellaneous
1012572 - Adobe Commerce Improper Input Validation (CVE-2025-54236)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
IRC Client Common
1012569 - Unrealircd Command Execution Vulnerability (CVE-2010-2075)
Langflow
1012551* - Langflow Remote Code Execution Vulnerability (CVE-2026-33017)
LiteLLM
1012558* - BerryAI LiteLLM SQL Injection Vulnerability (CVE-2026-42208)
OfficeScan
1002843* - OfficeScan 'cgiRecvFile.exe' Buffer Overflow
1010039* - OfficeScan Directory Traversal Vulnerability (CVE-2019-18187)
Owntone-Server
1012570* - Owntone-Server Recursive Buffer Overflow Vulnerability (CVE-2025-44560)
Solr Service
1012571 - Apache Solr Input Validation Vulnerability (CVE-2026-22444)
Trend Micro Control Manager
1004890* - Control Manager 'CmdProcessor.exe' Remote Code Execution Vulnerability
Web Server HTTPS
1012548 - WordPress 'Advanced Forms' Plugin Remote Code Execution Vulnerability (CVE-2025-13486)
1012566 - WordPress 'Ninja Forms' Plugin Arbitrary File Upload Vulnerability (CVE-2026-0740)
Web Server Miscellaneous
1012572 - Adobe Commerce Improper Input Validation (CVE-2025-54236)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Apex Central MsgReceiver
1012525* - Apex Central Remote Code Execution Vulnerability (CVE-2025-69258)
OfficeScan
1012561 - Apex One Management Console Multiple Directory Traversal Vulnerabilities (CVE-2025-71210 & CVE-2025-71211)
1012568 - TrendAI Apex One Server Directory Traversal Vulnerability
Owntone-Server
1012570 - Owntone-Server Recursive Buffer Overflow Vulnerability (CVE-2025-44560)
WSO2
1012549* - WSO2 Multiple Products Arbitrary File Upload Vulnerability (CVE-2025-3125)
Web Server Common
1012560 - Zhiyuan OA platform Arbitrary File Upload Vulnerability (CVE-2025-34040)
Web Server HTTPS
1011773* - Apex Central SQL Injection Vulnerability (CVE-2023-32529)
1012546* - BeyondTrust Remote Support Command Injection Vulnerability (CVE-2026-1731)
1012567 - Nginx Buffer Overflow Vulnerability (CVE-2026-42945)
cPanel
1012556* - cPanel WHM Authentication Bypass Vulnerability (CVE-2026-41940)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Apex Central MsgReceiver
1012525* - Apex Central Remote Code Execution Vulnerability (CVE-2025-69258)
OfficeScan
1012561 - Apex One Management Console Multiple Directory Traversal Vulnerabilities (CVE-2025-71210 & CVE-2025-71211)
1012568 - TrendAI Apex One Server Directory Traversal Vulnerability
Owntone-Server
1012570 - Owntone-Server Recursive Buffer Overflow Vulnerability (CVE-2025-44560)
WSO2
1012549* - WSO2 Multiple Products Arbitrary File Upload Vulnerability (CVE-2025-3125)
Web Server Common
1012560 - Zhiyuan OA platform Arbitrary File Upload Vulnerability (CVE-2025-34040)
Web Server HTTPS
1011773* - Apex Central SQL Injection Vulnerability (CVE-2023-32529)
1012546* - BeyondTrust Remote Support Command Injection Vulnerability (CVE-2026-1731)
1012567 - Nginx Buffer Overflow Vulnerability (CVE-2026-42945)
cPanel
1012556* - cPanel WHM Authentication Bypass Vulnerability (CVE-2026-41940)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
LiteLLM
1012558 - BerryAI LiteLLM SQL Injection Vulnerability (CVE-2026-42208)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
LiteLLM
1012558 - BerryAI LiteLLM SQL Injection Vulnerability (CVE-2026-42208)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Mail Server Common
1012562 - Microsoft Word Remote Code Execution Vulnerability (CVE-2026-40364)
Server CLDAP
1012563 - Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)
Web Server HTTPS
1012564 - Microsoft Exchange Server Cross-Site Scripting Vulnerability (CVE-2026-42897)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Mail Server Common
1012562 - Microsoft Word Remote Code Execution Vulnerability (CVE-2026-40364)
Server CLDAP
1012563 - Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)
Web Server HTTPS
1012564 - Microsoft Exchange Server Cross-Site Scripting Vulnerability (CVE-2026-42897)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Langflow
1012551 - Langflow Remote Code Execution Vulnerability (CVE-2026-33017)
Web Client HTTPS
1012375* - Apex Central Deserialization Of Untrusted Data Vulnerability (CVE-2025-49220)
Web Server Common
1012559 - Microsoft Windows LNK Spoofing Vulnerability (CVE-2026-32202)
Web Server HTTPS
1011944* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52326)
1011953* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52327)
1011952* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52328)
1011951* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52330)
1011967* - Apex Central File Upload Vulnerability (CVE-2023-52324)
1011943* - Apex Central Local File Inclusion Vulnerability (CVE-2023-52325)
1012371* - Apex Central Local File Inclusion Vulnerability (CVE-2025-47865)
1012372* - Apex Central Local File Inclusion Vulnerability (CVE-2025-47867)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Langflow
1012551 - Langflow Remote Code Execution Vulnerability (CVE-2026-33017)
Web Client HTTPS
1012375* - Apex Central Deserialization Of Untrusted Data Vulnerability (CVE-2025-49220)
Web Server Common
1012559 - Microsoft Windows LNK Spoofing Vulnerability (CVE-2026-32202)
Web Server HTTPS
1011944* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52326)
1011953* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52327)
1011952* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52328)
1011951* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-52330)
1011967* - Apex Central File Upload Vulnerability (CVE-2023-52324)
1011943* - Apex Central Local File Inclusion Vulnerability (CVE-2023-52325)
1012371* - Apex Central Local File Inclusion Vulnerability (CVE-2025-47865)
1012372* - Apex Central Local File Inclusion Vulnerability (CVE-2025-47867)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server HTTPS
1012555 - Wordpress 'Motors' Theme Elevation of Privilege Vulnerability (CVE-2025-4322)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Server HTTPS
1012555 - Wordpress 'Motors' Theme Elevation of Privilege Vulnerability (CVE-2025-4322)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
cPanel
1012556 - cPanel WHM Authentication Bypass Vulnerability (CVE-2026-41940)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
cPanel
1012556 - cPanel WHM Authentication Bypass Vulnerability (CVE-2026-41940)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1010214* - Identified ApexOne Backup Folder Access
Langflow
1012547* - Langflow Remote Code Execution Vulnerability (CVE-2026-0768)
Trend Micro Control Manager
1008799* - Control Manager 'cmdHandlerFileHandling' Directory Traversal Remote Code Execution Vulnerability (CVE-2017-11389)
Trend Micro ServerProtect EarthAgent
1011312* - Identified Usage Of ServerProtect Static Credential
WSO2
1012549 - WSO2 Multiple Products Arbitrary File Upload Vulnerability (CVE-2025-3125)
Web Client Internet Explorer/Edge
1001426* - Microsoft Internet Explorer OfficeScan Client ActiveX Control Buffer Overflow
Web Server HTTPS
1011349* - Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)
1011768* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
1011810* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32535)
Web Server SharePoint
1012542* - Microsoft SharePoint Server SQL Injection Vulnerability (CVE-2026-20947) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1010214* - Identified ApexOne Backup Folder Access
Langflow
1012547* - Langflow Remote Code Execution Vulnerability (CVE-2026-0768)
Trend Micro Control Manager
1008799* - Control Manager 'cmdHandlerFileHandling' Directory Traversal Remote Code Execution Vulnerability (CVE-2017-11389)
Trend Micro ServerProtect EarthAgent
1011312* - Identified Usage Of ServerProtect Static Credential
WSO2
1012549 - WSO2 Multiple Products Arbitrary File Upload Vulnerability (CVE-2025-3125)
Web Client Internet Explorer/Edge
1001426* - Microsoft Internet Explorer OfficeScan Client ActiveX Control Buffer Overflow
Web Server HTTPS
1011349* - Apex Central And Control Manager Remote Code Execution Vulnerability (CVE-2022-26871)
1011768* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32531)
1011766* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32532)
1011767* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32533)
1011810* - Apex Central Cross-Site Scripting Vulnerability (CVE-2023-32535)
Web Server SharePoint
1012542* - Microsoft SharePoint Server SQL Injection Vulnerability (CVE-2026-20947) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Kerberos KDC Server
1012552 - Identified Kerberos PKINIT AD CS Certificate Impersonation via Certipy
1012336* - Microsoft Windows Kerberos Security Feature Bypass Vulnerability (CVE-2025-29809)
Trend Micro Control Manager
1008760* - Control Manager SQL Injection Vulnerability (CVE-2017-11383)
1008589* - Control Manager cmdHandlerLicenseManager SQL Injection Vulnerability (CVE-2017-11384)
1008721* - Control Manager cmdHandlerStatusMonitor SQL Injection Vulnerability (CVE-2017-11385)
Web Server Common
1010697* - InterScan Messaging Security Virtual Appliance Widget Information Disclosure Vulnerability (CVE-2020-27019)
Web Server HTTPS
1008293* - Control Manager Download Multiple Directory Traversal Information Disclosure Vulnerabilities
1008857* - Control Manager Multiple SQL Injection Remote Code Execution Vulnerability (CVE-2018-3604)
1012461* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-55296)
Web Server Miscellaneous
1010627* - InterScan Web Security Virtual Appliance Buffer Overflow Vulnerability (CVE-2020-28578)
Web Server SharePoint
1012554 - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2026-32201)
Windows SMB Server
1012219* - Deep Security Agent Command Injection Vulnerability (CVE-2024-51503)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Kerberos KDC Server
1012552 - Identified Kerberos PKINIT AD CS Certificate Impersonation via Certipy
1012336* - Microsoft Windows Kerberos Security Feature Bypass Vulnerability (CVE-2025-29809)
Trend Micro Control Manager
1008760* - Control Manager SQL Injection Vulnerability (CVE-2017-11383)
1008589* - Control Manager cmdHandlerLicenseManager SQL Injection Vulnerability (CVE-2017-11384)
1008721* - Control Manager cmdHandlerStatusMonitor SQL Injection Vulnerability (CVE-2017-11385)
Web Server Common
1010697* - InterScan Messaging Security Virtual Appliance Widget Information Disclosure Vulnerability (CVE-2020-27019)
Web Server HTTPS
1008293* - Control Manager Download Multiple Directory Traversal Information Disclosure Vulnerabilities
1008857* - Control Manager Multiple SQL Injection Remote Code Execution Vulnerability (CVE-2018-3604)
1012461* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-55296)
Web Server Miscellaneous
1010627* - InterScan Web Security Virtual Appliance Buffer Overflow Vulnerability (CVE-2020-28578)
Web Server SharePoint
1012554 - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2026-32201)
Windows SMB Server
1012219* - Deep Security Agent Command Injection Vulnerability (CVE-2024-51503)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.