CISA adds SimpleHelp CVE-2026-48558 to KEV after OIDC bypass exploited
CISA added the SimpleHelp OIDC auth bypass (CVSS 10) to KEV on June 29. ~14,000 servers are internet-exposed; 5.5.16 and 6.0 RC2 shipped the fix on June 9.
CISA added the SimpleHelp OIDC auth bypass (CVSS 10) to KEV on June 29. ~14,000 servers are internet-exposed; 5.5.16 and 6.0 RC2 shipped the fix on June 9.