This Week in Security - Week 20, May 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week.

🚨 Critical: CISA Known Exploited Vulnerabilities

These vulnerabilities are being actively exploited in the wild. Immediate action required.

CVE-2026-42208: BerriAI LiteLLM SQL Injection Vulnerability

Vendor/Product: BerriAI LiteLLM

Description: BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy’s database and potentially modify it, leading to unauthorised access to the proxy and the credentials it manages.

Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA Due Date: 2026-05-11 ⚠️ Deadline is today

Reference: CVE-2026-42208 - NVD

Expert take: This one stands out because of what LiteLLM is: a proxy layer that sits between your applications and multiple AI model APIs, managing routing, rate limiting, and credentials for services like OpenAI, Anthropic, Azure OpenAI, and others. A SQL injection vulnerability in that proxy means an attacker can read the database — and the credentials it stores. That’s not just a data breach, that’s potentially your entire AI API key inventory being exposed. If your org is using LiteLLM in any capacity — especially in a shared or multi-tenant setup — treat this as a credentials rotation event, not just a patching task. Patch today, then audit what API keys were stored in the proxy and rotate anything that could have been accessed.

CVE-2026-6973: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability

Vendor/Product: Ivanti Endpoint Manager Mobile (EPMM)

Description: Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.

Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA Due Date: 2026-05-10 ⚠️ Deadline has passed

Reference: CVE-2026-6973 - NVD

Expert take: Ivanti EPMM has now appeared on the KEV list multiple times — Week 16 covered CVE-2026-1340, and here it is again. At some point, repeated appearances on the active exploitation list have to trigger a broader conversation about whether this product belongs in your environment at all. This specific CVE requires authenticated admin access to exploit, which is a slightly higher bar than unauthenticated RCE — but CISA still pushed a four-day patch deadline to federal agencies, which tells you how seriously they’re treating it (see the news section below). If you’re running EPMM and haven’t patched CVE-2026-1340 from April yet, both need to be addressed immediately. And if this product keeps showing up here, the risk conversation is overdue.

CVE-2026-0300: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability

Vendor/Product: Palo Alto Networks PAN-OS

Description: Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.

Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented: restrict User-ID Authentication Portal access to only trusted zones, or disable User-ID Authentication Portal if not required.

CISA Due Date: 2026-05-09 ⚠️ Deadline has passed

Reference: CVE-2026-0300 - NVD

Expert take: Unauthenticated RCE with root privileges on a Palo Alto firewall is about as bad as it gets for network security infrastructure. The device that’s supposed to protect your perimeter becomes the entry point. The Captive Portal service is enabled in many environments for guest network access or bring-your-own-device authentication — and it’s often internet-facing by design. If you can’t patch immediately, CISA’s own guidance is clear: restrict Captive Portal access to trusted zones only, or disable it entirely if you’re not actively using it. The deadline was Friday — if this hasn’t been addressed yet, it needs to be the first thing on the list Monday morning. Also worth checking: is your PAN-OS management interface internet-accessible? If yes, that’s a separate conversation.

📰 This Week’s Security News

NVIDIA confirms GeForce NOW data breach affecting Armenian users

NVIDIA has confirmed that GeForce NOW user information has been exposed in a data breach.

Expert take: The geographic scope here — specifically Armenian users — is unusual and suggests either a targeted regional attack or that the breach affected infrastructure serving that market specifically. NVIDIA has confirmed the incident, so this isn’t a claim without verification. The data at risk in a gaming cloud service typically includes account details, payment information, and usage history. For most enterprise security teams the direct risk is low, but it’s worth flagging if any employees use corporate email addresses for personal gaming accounts — that’s how breach data becomes a credential stuffing vector against your org. More broadly, this is another reminder that consumer-facing platforms operated by large technology vendors are not inherently more secure than smaller targets.

Trellix source code breach claimed by RansomHouse hackers

The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion.

Expert take: Trellix is a cybersecurity vendor — formerly McAfee Enterprise and FireEye — and a breach of their source code repository is significant for anyone who uses their products. When attackers have access to source code, they can study the implementation for undisclosed vulnerabilities and build exploits before any patches exist. RansomHouse’s proof-of-intrusion leak suggests this is real, not just a claim. If your org uses any Trellix products — endpoint security, XDR, network detection — monitor Trellix’s security advisories closely over the coming weeks. Undisclosed vulnerabilities discovered through stolen source code tend to surface as zero-days. This is also a good reminder that your security vendors are part of your attack surface too.

CISA gives feds four days to patch Ivanti flaw exploited as zero-day

CISA has given U.S. federal agencies four days to secure their networks against a high-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.

Expert take: A four-day federal patching mandate from CISA is not routine. Standard BOD 22-01 timelines are typically 14 days for critical vulnerabilities. Four days means CISA has intelligence that active exploitation is widespread and the risk of delay is high. Even if your org isn’t a federal agency, the same urgency applies — if attackers are actively exploiting this against government networks, they’re using the same tooling against everyone else too. The zero-day classification means it was being exploited before a patch was publicly available, which means some environments were compromised before they even had the chance to respond. If you’re running Ivanti EPMM, this week’s window is already closing.

✅ What You Should Do This Week

Today: Patch CVE-2026-42208 (LiteLLM) — deadline is today, then rotate any API keys stored in the proxy
Past deadline — act now: Patch CVE-2026-6973 (Ivanti EPMM) — zero-day exploitation confirmed, CISA issued a four-day federal mandate
Past deadline — act now: Patch CVE-2026-0300 (PAN-OS) — if patch isn’t possible, disable or restrict Captive Portal to trusted zones immediately
Ivanti EPMM: If CVE-2026-1340 from Week 16 hasn’t been patched yet, do both together now
Trellix users: Subscribe to Trellix security advisories and watch for zero-day disclosures in coming weeks
Credential hygiene: If employees use corporate emails for personal accounts (NVIDIA, gaming platforms), flag credential stuffing risk
Verify: Check your systems against the CISA KEV catalog
Audit: Verify MFA is enforced for all privileged accounts — particularly on any MDM or remote access platforms
Backup: Test your disaster recovery procedures

📬 Stay Updated

Subscribe to receive weekly security digests directly in your inbox.

Questions or feedback? Contact us

GRC Vitrix provides cloud security and compliance intelligence for financial services professionals. This digest is curated from publicly available sources including CISA, Microsoft MSRC, and industry news.

🚨 Critical: CISA Known Exploited Vulnerabilities#

CVE-2026-42208: BerriAI LiteLLM SQL Injection Vulnerability#

CVE-2026-6973: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability#

CVE-2026-0300: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability#

📰 This Week’s Security News#

NVIDIA confirms GeForce NOW data breach affecting Armenian users#

Trellix source code breach claimed by RansomHouse hackers#

CISA gives feds four days to patch Ivanti flaw exploited as zero-day#

✅ What You Should Do This Week#

📬 Stay Updated#