Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Kerberos KDC Server
1012552 - Identified Kerberos PKINIT AD CS Certificate Impersonation via Certipy
1012336* - Microsoft Windows Kerberos Security Feature Bypass Vulnerability (CVE-2025-29809)
Trend Micro Control Manager
1008760* - Control Manager SQL Injection Vulnerability (CVE-2017-11383)
1008589* - Control Manager cmdHandlerLicenseManager SQL Injection Vulnerability (CVE-2017-11384)
1008721* - Control Manager cmdHandlerStatusMonitor SQL Injection Vulnerability (CVE-2017-11385)
Web Server Common
1010697* - InterScan Messaging Security Virtual Appliance Widget Information Disclosure Vulnerability (CVE-2020-27019)
Web Server HTTPS
1008293* - Control Manager Download Multiple Directory Traversal Information Disclosure Vulnerabilities
1008857* - Control Manager Multiple SQL Injection Remote Code Execution Vulnerability (CVE-2018-3604)
1012461* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-55296)
Web Server Miscellaneous
1010627* - InterScan Web Security Virtual Appliance Buffer Overflow Vulnerability (CVE-2020-28578)
Web Server SharePoint
1012554 - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2026-32201)
Windows SMB Server
1012219* - Deep Security Agent Command Injection Vulnerability (CVE-2024-51503)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Kerberos KDC Server
1012552 - Identified Kerberos PKINIT AD CS Certificate Impersonation via Certipy
1012336* - Microsoft Windows Kerberos Security Feature Bypass Vulnerability (CVE-2025-29809)
Trend Micro Control Manager
1008760* - Control Manager SQL Injection Vulnerability (CVE-2017-11383)
1008589* - Control Manager cmdHandlerLicenseManager SQL Injection Vulnerability (CVE-2017-11384)
1008721* - Control Manager cmdHandlerStatusMonitor SQL Injection Vulnerability (CVE-2017-11385)
Web Server Common
1010697* - InterScan Messaging Security Virtual Appliance Widget Information Disclosure Vulnerability (CVE-2020-27019)
Web Server HTTPS
1008293* - Control Manager Download Multiple Directory Traversal Information Disclosure Vulnerabilities
1008857* - Control Manager Multiple SQL Injection Remote Code Execution Vulnerability (CVE-2018-3604)
1012461* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2025-55296)
Web Server Miscellaneous
1010627* - InterScan Web Security Virtual Appliance Buffer Overflow Vulnerability (CVE-2020-28578)
Web Server SharePoint
1012554 - Microsoft SharePoint Server Spoofing Vulnerability (CVE-2026-32201)
Windows SMB Server
1012219* - Deep Security Agent Command Injection Vulnerability (CVE-2024-51503)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
SNMP Server
1012537* - Net-SNMP Buffer Overflow Vulnerability (CVE-2025-68615)
SmarterTools SmarterMail
1012543* - SmarterTools SmarterMail Arbitrary File Upload Vulnerability (CVE-2025-52691)
Splunk Enterprise
1012550* - Splunk Enterprise Remote Code Execution Vulnerability (CVE-2024-36985)
Trend Micro InterScan Web Security Virtual Appliance
1010665* - InterScan Web Security Virtual Appliance Multiple Security Vulnerabilities
Trend Micro Mobile Security Server
1011957* - Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41176)
1011964* - Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41177)
Web Server Common
1010630* - InterScan Web Security Virtual Appliance Command Injection Vulnerability (CVE-2020-8605)
Web Server HTTPS
1012546 - BeyondTrust Remote Support Command Injection Vulnerability (CVE-2026-1731)
1012532* - FreePBX Endpoint Manager Command Injection Vulnerability (CVE-2025-64328)
1012535* - WordPress 'Eventin' Path Traversal Vulnerability (CVE-2025-47445)
1012528* - WordPress 'The Events Calendar' Plugin SQL Injection Vulnerability (CVE-2025-12197)
Web Server Miscellaneous
1004267* - InterScan Web Security Virtual Appliance Cross Site Request Forgery Vulnerability
1004258* - InterScan Web Security Virtual Appliance Multiple Vulnerabilities
1010626* - Interscan Web Security Virtual Appliance 'libuiauutil.so' Buffer Overflow Vulnerability (CVE-2020-28579)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
SNMP Server
1012537* - Net-SNMP Buffer Overflow Vulnerability (CVE-2025-68615)
SmarterTools SmarterMail
1012543* - SmarterTools SmarterMail Arbitrary File Upload Vulnerability (CVE-2025-52691)
Splunk Enterprise
1012550* - Splunk Enterprise Remote Code Execution Vulnerability (CVE-2024-36985)
Trend Micro InterScan Web Security Virtual Appliance
1010665* - InterScan Web Security Virtual Appliance Multiple Security Vulnerabilities
Trend Micro Mobile Security Server
1011957* - Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41176)
1011964* - Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41177)
Web Server Common
1010630* - InterScan Web Security Virtual Appliance Command Injection Vulnerability (CVE-2020-8605)
Web Server HTTPS
1012546 - BeyondTrust Remote Support Command Injection Vulnerability (CVE-2026-1731)
1012532* - FreePBX Endpoint Manager Command Injection Vulnerability (CVE-2025-64328)
1012535* - WordPress 'Eventin' Path Traversal Vulnerability (CVE-2025-47445)
1012528* - WordPress 'The Events Calendar' Plugin SQL Injection Vulnerability (CVE-2025-12197)
Web Server Miscellaneous
1004267* - InterScan Web Security Virtual Appliance Cross Site Request Forgery Vulnerability
1004258* - InterScan Web Security Virtual Appliance Multiple Vulnerabilities
1010626* - Interscan Web Security Virtual Appliance 'libuiauutil.so' Buffer Overflow Vulnerability (CVE-2020-28579)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Langflow
1012547 - Langflow Remote Code Execution Vulnerability (CVE-2026-0768)
Trend Micro Mobile Security Server
1011963* - Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41178)
1011746* - Mobile Security Server File Deletion Vulnerability (CVE-2023-32521 and CVE-2023-32522)
1011742* - Mobile Security Server Information Disclosure Vulnerability
Trend Micro OfficeScan
1002987* - OfficeScan CGI Parsing Buffer Overflow
Trend Micro OfficeScan Policy Server
1001834* - OfficeScan CGI Password Decryption Buffer Overflow
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Langflow
1012547 - Langflow Remote Code Execution Vulnerability (CVE-2026-0768)
Trend Micro Mobile Security Server
1011963* - Mobile Security Server Cross-Site Scripting Vulnerability (CVE-2023-41178)
1011746* - Mobile Security Server File Deletion Vulnerability (CVE-2023-32521 and CVE-2023-32522)
1011742* - Mobile Security Server Information Disclosure Vulnerability
Trend Micro OfficeScan
1002987* - OfficeScan CGI Parsing Buffer Overflow
Trend Micro OfficeScan Policy Server
1001834* - OfficeScan CGI Password Decryption Buffer Overflow
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Splunk Enterprise
1012550 - Splunk Enterprise Remote Code Execution Vulnerability (CVE-2024-36985)
Web Server HTTPS
1012545 - Alibaba Fastjson JNDI Injection Vulnerability (CVE-2025-70974)
1012544 - WordPress 'WUX Blog Editor' Remote Code Execution Vulnerability (CVE-2024-9932)
Web Server SharePoint
1012542 - Microsoft SharePoint Server SQL Injection Vulnerability (CVE-2026-20947) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Splunk Enterprise
1012550 - Splunk Enterprise Remote Code Execution Vulnerability (CVE-2024-36985)
Web Server HTTPS
1012545 - Alibaba Fastjson JNDI Injection Vulnerability (CVE-2025-70974)
1012544 - WordPress 'WUX Blog Editor' Remote Code Execution Vulnerability (CVE-2024-9932)
Web Server SharePoint
1012542 - Microsoft SharePoint Server SQL Injection Vulnerability (CVE-2026-20947) - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Figma MCP Server
1012529* - Framelink Figma MCP Server Remote Code Execution Vulnerability (CVE-2025-15061)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Figma MCP Server
1012529* - Framelink Figma MCP Server Remote Code Execution Vulnerability (CVE-2025-15061)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Amazon Client
1012374* - AWS RequestId
Microsoft Configuration Manager
1012519* - Microsoft Configuration Manager Elevation of Privilege Vulnerability (CVE-2025-55320) - 1
Redis Server
1012520* - Redis Remote Code Execution Vulnerability (CVE-2025-49844)
SmarterTools SmarterMail
1012543 - SmarterTools SmarterMail Arbitrary File Upload Vulnerability (CVE-2025-52691)
Web Server HTTPS
1012535* - WordPress 'Eventin' Path Traversal Vulnerability (CVE-2025-47445)
1012541 - WordPress 'LA-Studio Element Kit for Elementor' Plugin Elevation of Privilege Vulnerability (CVE-2026-0920)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Amazon Client
1012374* - AWS RequestId
Microsoft Configuration Manager
1012519* - Microsoft Configuration Manager Elevation of Privilege Vulnerability (CVE-2025-55320) - 1
Redis Server
1012520* - Redis Remote Code Execution Vulnerability (CVE-2025-49844)
SmarterTools SmarterMail
1012543 - SmarterTools SmarterMail Arbitrary File Upload Vulnerability (CVE-2025-52691)
Web Server HTTPS
1012535* - WordPress 'Eventin' Path Traversal Vulnerability (CVE-2025-47445)
1012541 - WordPress 'LA-Studio Element Kit for Elementor' Plugin Elevation of Privilege Vulnerability (CVE-2026-0920)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Telnet Server
1012523* - Telnetd GNU InetUtils Authentication Bypass Vulnerability (CVE-2026-24061)
Web Server Adobe ColdFusion
1012509* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-43566)
Web Server HTTPS
1012532 - FreePBX Endpoint Manager Command Injection Vulnerability (CVE-2025-64328)
1012528 - WordPress 'The Events Calendar' Plugin SQL Injection Vulnerability (CVE-2025-12197)
1012535 - WordPress 'Themewinter Eventin' Path Traversal Vulnerability (CVE-2025-47445)
Web Server Nagios
1012481* - Nagios XI Command Injection Vulnerability (CVE-2025-34227)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Telnet Server
1012523* - Telnetd GNU InetUtils Authentication Bypass Vulnerability (CVE-2026-24061)
Web Server Adobe ColdFusion
1012509* - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-43566)
Web Server HTTPS
1012532 - FreePBX Endpoint Manager Command Injection Vulnerability (CVE-2025-64328)
1012528 - WordPress 'The Events Calendar' Plugin SQL Injection Vulnerability (CVE-2025-12197)
1012535 - WordPress 'Themewinter Eventin' Path Traversal Vulnerability (CVE-2025-47445)
Web Server Nagios
1012481* - Nagios XI Command Injection Vulnerability (CVE-2025-34227)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Figma MCP Server
1012529 - Framelink Figma MCP Server Remote Code Execution Vulnerability (CVE-2025-15061)
Web Server HTTPS
1012515* - GeoServer XML External Entity Vulnerability (CVE-2025-58360)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Figma MCP Server
1012529 - Framelink Figma MCP Server Remote Code Execution Vulnerability (CVE-2025-15061)
Web Server HTTPS
1012515* - GeoServer XML External Entity Vulnerability (CVE-2025-58360)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Ivanti Avalanche
1012411* - Ivanti Avalanche Enterprise Service Arbitrary File Upload Vulnerability (CVE-2021-42125)
MindsDB
1012534 - MindsDB Path Traversal Vulnerability (CVE-2025-68472)
Oracle E-Business Suite Web Interface
1012464* - Oracle E-Business Suite Server-Side Request Forgery Vulnerability (CVE-2025-61882 and CVE-2025-61884)
SNMP Server
1012537 - Net-SNMP Buffer Overflow Vulnerability (CVE-2025-68615)
SmarterTools SmarterMail
1012539 - SmarterTools SmarterMail Authentication Bypass Vulnerability (CVE-2026-23760)
Web Application PHP Based
1012526 - Wordpress 'News and Blog Designer Bundle' Plugin Local File Inclusion Vulnerability (CVE-2025-14502)
Web Server Common
1012536 - IOTSuite SQL Injection Vulnerability (CVE-2025-52694)
Web Server HTTPS
1012314* - Cacti CRLF Injection Vulnerability (CVE-2025-24367)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Ivanti Avalanche
1012411* - Ivanti Avalanche Enterprise Service Arbitrary File Upload Vulnerability (CVE-2021-42125)
MindsDB
1012534 - MindsDB Path Traversal Vulnerability (CVE-2025-68472)
Oracle E-Business Suite Web Interface
1012464* - Oracle E-Business Suite Server-Side Request Forgery Vulnerability (CVE-2025-61882 and CVE-2025-61884)
SNMP Server
1012537 - Net-SNMP Buffer Overflow Vulnerability (CVE-2025-68615)
SmarterTools SmarterMail
1012539 - SmarterTools SmarterMail Authentication Bypass Vulnerability (CVE-2026-23760)
Web Application PHP Based
1012526 - Wordpress 'News and Blog Designer Bundle' Plugin Local File Inclusion Vulnerability (CVE-2025-14502)
Web Server Common
1012536 - IOTSuite SQL Injection Vulnerability (CVE-2025-52694)
Web Server HTTPS
1012314* - Cacti CRLF Injection Vulnerability (CVE-2025-24367)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Configuration Manager
1012519 - Microsoft Configuration Manager Elevation of Privilege Vulnerability (CVE-2025-55320) - 1
Redis Server
1012520 - Redis Remote Code Execution Vulnerability (CVE-2025-49844)
Web Application PHP Based
1012530 - WordPress 'Service Finder Bookings' Plugin Privilege Escalation Vulnerability (CVE-2025-23970)
Web Server Adobe ColdFusion
1012404* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server HTTPS
1012521* - HPE OneView Remote Code Execution Vulnerability (CVE-2025-37164)
1012527 - WordPress 'GreenShift - Animation and Page Builder Blocks' Plugin Arbitrary File Upload Vulnerability (CVE-2025-3616)
Webmin
1012479* - Webmin Cross-Site Scripting Vulnerability (CVE-2020-8821)
Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1012517* - Zoho ManageEngine Analytics Plus SQL Injection Vulnerability (CVE-2025-9428)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Microsoft Configuration Manager
1012519 - Microsoft Configuration Manager Elevation of Privilege Vulnerability (CVE-2025-55320) - 1
Redis Server
1012520 - Redis Remote Code Execution Vulnerability (CVE-2025-49844)
Web Application PHP Based
1012530 - WordPress 'Service Finder Bookings' Plugin Privilege Escalation Vulnerability (CVE-2025-23970)
Web Server Adobe ColdFusion
1012404* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server HTTPS
1012521* - HPE OneView Remote Code Execution Vulnerability (CVE-2025-37164)
1012527 - WordPress 'GreenShift - Animation and Page Builder Blocks' Plugin Arbitrary File Upload Vulnerability (CVE-2025-3616)
Webmin
1012479* - Webmin Cross-Site Scripting Vulnerability (CVE-2020-8821)
Zoho ManageEngine AssetExplorer_SupportCenter Plus_ADManager Plus
1012517* - Zoho ManageEngine Analytics Plus SQL Injection Vulnerability (CVE-2025-9428)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.