Pre-Auth
Quest KACE SMA CVE-2025-32975: CVSS 10.0 SSO Auth Bypass Added to CISA KEV as Admin Takeover Campaign Continues
CISA added CVE-2025-32975 — a CVSS 10.0 SSO authentication bypass in Quest KACE Systems Management Appliance — to the KEV catalog on April 20, 2026. Federal agencies must patch by May 4. Exploitation has been in progress since March.
CVE-2026-21643: Pre-Auth SQL Injection in FortiClient EMS 7.4.4 Under Active Exploitation — CISA Deadline Tomorrow
A critical pre-authentication SQL injection vulnerability in Fortinet FortiClient EMS 7.4.4 is being actively exploited. The CISA KEV remediation deadline is April 16, 2026.
Oracle Identity Manager Pre-Auth RCE: CVE-2026-21992 Emergency Patch
Oracle issued an out-of-band emergency fix for CVE-2026-21992, a CVSS 9.8 unauthenticated RCE in Oracle Identity Manager's REST WebServices component affecting versions 12.2.1.4.0 and 14.1.2.1.0.