Cyber Risk Brief: 1 June 2026

Disclaimer: This brief is governance commentary for leadership and risk teams, not incident notification, public attribution, legal advice, or quantitative risk analysis. Threat prioritization, framework mappings, attribution, and risk-zone groupings are informational only. Validate all technical claims against vendor advisories and internal telemetry before operational response.

Threat Intelligence Summary

Today's register spans two actively exploited vulnerabilities and three exploitation-imminent threats across identity infrastructure, web platforms, AI tooling, and developer toolchains. T1 (CVE-2026-41089) is a pre-authentication Windows Netlogon RCE under active exploitation, as confirmed by Belgium's Centre for Cybersecurity, threatening domain controllers on all supported Windows Server versions. T2 (CVE-2026-8732) is an unauthenticated WordPress admin-creation flaw with over 3,600 attacks blocked in 24 hours and a patch available. T3 (CVE-2026-40933) carries a public exploit for an OS command injection in the Flowise AI-workflow platform. T4 (CVE-2026-46243) is a Linux kernel CIFS local privilege escalation with a working PoC. T5 is an unpatched Gogs Git zero-day with a public Metasploit module and no vendor fix in sight.

CVE-2026-41089 · Critical · CVSS 3.1 9.8 (Microsoft CNA) · active exploitation confirmed · CCB

An unauthenticated stack-based buffer overflow in Windows Netlogon allows remote code execution on domain controllers across all supported Windows Server versions. The Centre for Cybersecurity Belgium confirms active exploitation in the wild; Microsoft issued the patch in May 2026 Patch Tuesday.

CVE-2026-41089 · Windows Server 2012 R2–2025 · Active Directory · domain controller · IMMEDIATE

CVE-2026-8732 · Critical · CVSS 3.1 9.8 (Wordfence CNA) · 3,600+ attacks/24h · patch v6.1.1 available

Unauthenticated attackers are actively creating rogue administrator accounts on WordPress sites running WP Maps Pro ≤ 6.1.0 via an unprotected AJAX endpoint. BleepingComputer reports over 3,600 attacks blocked in a single 24-hour window. Patch v6.1.1 is available.

CVE-2026-8732 · WordPress · WP Maps Pro ≤ 6.1.0 · unauthenticated admin creation · active exploitation · IMMEDIATE

CVE-2026-40933 · Critical · CVSS 3.1 9.9 (GitHub CNA) · public PoC · AI-workflow platform RCE

Public exploit code enables any authenticated Flowise user to execute arbitrary OS commands on the server, compromising all connected LLM API keys, databases, and AI pipelines. Obsidian Security published a working PoC that delivers a reverse shell via malicious chatflow import. Flowise 3.1.0 contains the fix.

CVE-2026-40933 · Flowise < 3.1.0 · MCP stdio adapter · OS command injection · LLM workflow · AI platform · IMMEDIATE

CVE-2026-46243 · High · CVSS 3.1 7.8 (CISA-ADP) · PoC published · local privilege escalation to root

A Linux kernel flaw in the CIFS subsystem allows any unprivileged local user to gain root on multiple major enterprise distributions by default. Discoverer Asim Viladi Oglu Manizada published a working PoC; upstream kernel fix commit 3da1fdf is queued for stable.

CVE-2026-46243 · Linux kernel · cifs-utils · CentOS Stream 9 · Rocky Linux 9 · AlmaLinux 9 · Kali · SLES 15 · local root · IMMEDIATE

No CVE assigned · Critical · 0-day · CVSS 9.4 per Rapid7/SecurityWeek · Metasploit module public · no patch

Any authenticated user on a default-configured Gogs instance can achieve full server RCE by injecting --exec shell payloads into branch names passed to git rebase. Rapid7 published a Metasploit module automating the entire chain; over 2,400 instances are internet-exposed per Shadowserver. No vendor patch as of 2026-06-01.

Gogs · argument injection · zero-day · self-hosted Git · Metasploit · developer infrastructure · source code · NO_PATCH

Strategic context: Broken trust assumptions, authentication, web, AI, and developer platform defaults all fail in the same window

This brief's five threats share a structural failure mode: each exploits a trust assumption that is not enforced at the code level. Netlogon trusts unauthenticated network requests; WP Maps Pro trusts a publicly embedded nonce as an access control; Flowise trusts authenticated user input to the MCP configuration interface; CIFSwitch trusts that kernel CIFS key requests originate from the kernel itself; and Gogs trusts that branch names are not shell arguments. The pattern is not a coincidence; it is the cumulative debt of software built without adversarial defaults. Organisations running any combination of Windows domain controllers, WordPress with third-party plugins, AI-workflow platforms, or self-hosted Git services should treat today's register as a prompt to audit trust assumptions across their stack, not merely to apply the named patches.

Threat Register: 01/06/2026

Threat
T1
Windows Netlogon Remote Code Execution (CVE-2026-41089)
This is a flaw in Netlogon, the Microsoft Windows Server service that domain controllers use to authenticate logins across an organization's network. A domain controller is the central server that runs Active Directory, which decides who can sign in and what they can access. Left unpatched, CVE-2026-41089 lets an unauthenticated attacker take full control of that domain controller over the network: a single crafted Netlogon request triggers a stack-based buffer overflow and runs code at the highest privilege level (SYSTEM), with no password and no user interaction, exposing the organization to full domain compromise. Microsoft fixed it in the May 2026 Patch Tuesday release, and the Centre for Cybersecurity Belgium has confirmed active exploitation in the wild. All currently supported Windows Server versions are affected: 2012 R2, 2016, 2019, 2022, 2022 23H2, and 2025.
9.8 · < 1% · Critical · Immediate
T2
WP Maps Pro Unauthenticated Administrator Account Creation (CVE-2026-8732)
WP Maps Pro is a mapping plugin for WordPress websites, used to embed interactive Google Maps into pages. Any organisation running WP Maps Pro 6.1.0 or earlier faces complete site takeover: an unauthenticated attacker calls the unprotected wpgmp_temp_access_ajax AJAX endpoint with check_temp=false, bypassing a publicly-embedded nonce that provides no effective access control, causing the plugin to create a new WordPress administrator account and return a magic login URL. BleepingComputer reports over 3,600 attacks targeting this vulnerability in a single 24-hour period; Wordfence reports 2,858 attacks blocked in a separate window, confirming sustained automated exploitation at scale. WP Maps Pro 6.1.1, released May 20, 2026, contains the fix.
9.8 · < 1% · Critical · Immediate
T3
Flowise LLM-Workflow Platform Authenticated RCE (CVE-2026-40933)
Flowise is an open-source, low-code tool for building AI chatbots and LLM workflows by wiring components together on a visual canvas. Organisations running Flowise before version 3.1.0 are exposed to full server compromise: any authenticated user can configure an MCP stdio adapter with an arbitrary OS command, using safe-listed tools like npx with code-execution arguments to bypass sanitisation, causing Flowise to execute the command on the underlying server. Obsidian Security published a working proof-of-concept exploit that creates a reverse shell via a malicious chatflow import, confirming a social-engineering delivery path that requires no traditional authentication bypass. The flaw is fixed in Flowise 3.1.0.
9.9 · < 1% · Critical · Immediate
T4
CIFSwitch Linux CIFS Kernel Local Privilege Escalation (CVE-2026-46243)
cifs-utils is the standard Linux package used to connect to Windows and other SMB network file shares, and CIFSwitch (CVE-2026-46243) is the name given to a flaw in how the Linux kernel handles those connections. Linux servers, workstations, and containers with cifs-utils installed face a local privilege escalation that allows any unprivileged user to gain root, a significant risk for multi-tenant environments and any environment where low-privilege code execution already exists as a foothold. Discovered by SpaceX security engineer Asim Viladi Oglu Manizada, the flaw exploits the Linux kernel's failure to verify that cifs.spnego key requests originate from the kernel's own CIFS client; an unprivileged user can forge such a request, causing the root-privileged cifs.upcall helper to execute a malicious NSS module, yielding root. Confirmed affected distributions include Linux Mint 21.3/22.3, CentOS Stream 9, Rocky Linux 9, AlmaLinux 9, Kali Linux 2021.4–2026.1, and SLES 15 SP7; a public PoC exploit and upstream kernel fix (commit 3da1fdf) both exist.
7.8 · High · Immediate
T5
Gogs Self-Hosted Git Argument Injection Zero-Day RCE (no CVE assigned)
Gogs is an open-source, self-hosted Git service, an in-house alternative to GitHub or GitLab that organisations run on their own servers to store and manage source code. Organisations running Gogs face full server compromise: any authenticated user can create a pull request with a branch name containing --exec [shell payload], which Gogs passes unsanitised to git rebase, triggering OS command execution on the server. Because Gogs ships with open user registration and no cap on repository creation by default, SecurityWeek reports that the entire exploit chain can be operated without interaction from any other user, and Rapid7 has published a Metasploit module automating every step. Shadowserver tracks over 2,400 internet-exposed Gogs instances per BleepingComputer; Gogs maintainers were notified on March 17, 2026 but had not released a patch as of SecurityWeek's report.
Critical · Post-incident
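The T5 row describes the failure as Gogs handing a user-supplied branch name to git rebase without treating it as untrusted. As an added example (not Gogs code, and not a description of how Gogs itself validates names), the Python below is the input-validation step a defender would put in front of any git invocation that takes a ref name from a user: it applies the rules git documents for `git check-ref-format --branch`, rejects names that begin with a dash so they can never be parsed as options, and places git's `--` end-of-options marker ahead of the name in the argv. The function names are mine.

```python
"""Validate a user-supplied Git branch name before it is placed on a git
command line. Added illustration, not Gogs code. The rules follow what
git documents for `git check-ref-format --branch`; the leading-dash check
is the one that stops a name such as "--exec" from being read as an option."""
import re

# ASCII control characters, space, and the characters git forbids in ref names
FORBIDDEN_CHARS = re.compile(r"[\x00-\x1f\x7f ~^:?*\[\\]")


def branch_name_problem(name: str):
    """Return a short reason the name is unsafe, or None if it is acceptable."""
    if not name or name == "@":
        return "empty or bare '@'"
    if name.startswith("-"):
        return "starts with '-', would be parsed as an option"
    if FORBIDDEN_CHARS.search(name):
        return "contains a control, space or forbidden character"
    if ".." in name or "@{" in name:
        return "contains '..' or '@{'"
    if name.startswith("/") or name.endswith("/") or "//" in name:
        return "empty path component"
    if name.endswith("."):
        return "ends with '.'"
    for component in name.split("/"):
        if component.startswith(".") or component.endswith(".lock"):
            return "component starts with '.' or ends with '.lock'"
    return None


def is_safe_branch_name(name: str) -> bool:
    return branch_name_problem(name) is None


def rebase_argv(branch: str) -> list:
    """Build the argv for `git rebase <branch>` with the branch validated and
    placed after '--', so git's option parser cannot treat it as a flag."""
    problem = branch_name_problem(branch)
    if problem is not None:
        raise ValueError(f"refusing branch name {branch!r}: {problem}")
    return ["git", "rebase", "--", branch]


if __name__ == "__main__":
    for candidate in ["feature/login-fix", "--exec", "release/v1..2", "hotfix.lock"]:
        print(f"{candidate!r:22} -> {branch_name_problem(candidate) or 'ok'}")
```

The two checks are complementary: the validator keeps option-looking and malformed names out of the system at submission time, and the `--` marker means that even a name that slips through a future validator change reaches git as a positional argument rather than a flag.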

Threat Actor Profiling

All five threat actors in today's register are unattributed; no allowlisted source names a specific group for any of the five incidents.

Threat · Actor · Sectors · MITRE tradecraft · Kill chain
T1 · Unattributed Windows infrastructure threat actor · Enterprise IT, Government, Financial Services · T1210, T1068 · Network access → Exploit Netlogon RPC buffer overflow (T1210) → SYSTEM-level RCE on domain controller (T1068) → Active Directory compromise
T2 · Unattributed web exploitation threat actor · Web/Commerce, Education, Small and Medium Business · T1190, T1078 · Unauthenticated HTTP POST to AJAX endpoint (T1190) → Plugin creates rogue administrator account → Attacker authenticates with valid admin cookie (T1078) → Full WordPress administration access
T3 · Unattributed opportunistic threat actor (AI-platform targeting) · Technology, Financial Services, Any organisation using AI-workflow tooling · T1190, T1059 · Authenticated access to Flowise canvas → Inject OS command payload into MCP stdio adapter configuration (T1190 / T1059) → RCE on server as Flowise process user → Harvest LLM API keys and connected credentials
T4 · Unattributed insider / local-access threat actor · Technology, Healthcare, Any multi-user Linux environment · T1068 · Low-privilege local access → Forge cifs.spnego key request bypassing kernel origin check (T1068) → cifs.upcall executes attacker-controlled NSS module as root → Full system compromise
T5 · Unattributed opportunistic threat actor (developer-infrastructure targeting) · Technology, Software Development, Any organisation with self-hosted Git infrastructure · T1190, T1059, T1565.001 · Self-register account on Gogs (default open registration) → Submit pull request with --exec shell payload in branch name (T1190) → git rebase executes OS command on server (T1059) → Read all repositories / inject backdoors into hosted source code (T1565.001)
Table methodology & sourcing notes
  • All five actors are unattributed; no allowlisted source names a specific threat group for any of today's five incidents. Actor entries represent exploitation patterns, not named groups.
  • T1565.001 (Stored Data Manipulation) used for T5 Gogs, confirmed as .001, not .003 (Runtime Data Manipulation). Repo/database tampering maps to stored data at rest.
  • T3 Flowise: T1059 (Command and Scripting Interpreter) included because OS command injection confirms actual execution on the server, not speculative.

Control Deficiency & Framework Mapping

Threat · Control gaps · ISO 27001 · NIST CSF 2.0 · CIS Controls · Privacy Act / PIPEDA · ITSG-33 · OSFI B-13 · ISO 42001
T1 · Windows Netlogon Remote Code Execution (CVE-2026-41089)
  • Incomplete inventory of domain controllers and Netlogon-exposed Windows servers across all sites
  • Patch and vulnerability management not prioritizing domain controllers and critical authentication services for emergency patching
  • Insufficient network segmentation and firewalling restricting SMB/RPC access to domain controllers from untrusted networks
  • Limited monitoring for anomalous Netlogon and lsass activity on domain controllers
  • Change-management processes that delay emergency security updates on core identity infrastructure
ISO 27001: A.5.15, A.5.17, A.8.8, A.8.9, A.8.16 · NIST CSF 2.0: ID.AM-01, ID.RA-01, PR.PS-01, DE.CM-01, RS.MI-01 · CIS Controls: CIS 1, CIS 7, CIS 12, CIS 13 · Privacy Act / PIPEDA: PIPEDA s.10.1 · ITSG-33: SI-2, RA-5, CM-7, SC-7 · OSFI B-13: Patch Mgmt, Vulnerability Management, Access Control, Governance
T2 · WP Maps Pro Unauthenticated Administrator Account Creation (CVE-2026-8732)
  • No inventory or lifecycle governance of WordPress plugins deployed across web properties
  • No monitoring or alerting for unexpected administrator-role account creation in WordPress
  • Plugin update SLAs not enforced for third-party web application components
  • Missing effective access control on AJAX endpoints; the publicly embedded nonce does not enforce authentication
  • No WAF rules or anomaly detection covering WordPress AJAX endpoint abuse patterns
ISO 27001: A.5.15, A.8.8, A.8.9, A.8.16 · NIST CSF 2.0: ID.AM-02, PR.PS-01, DE.CM-01, DE.AE-02, RS.MI-01 · CIS Controls: CIS 1, CIS 7, CIS 13, CIS 16 · Privacy Act / PIPEDA: PIPEDA s.10.1, PIPEDA 4.7 · ITSG-33: RA-5, SI-2, CM-7, AU-6 · OSFI B-13: Patch Mgmt, Vulnerability Management, Access Control, Governance
T3 · Flowise LLM-Workflow Platform Authenticated RCE (CVE-2026-40933)
  • No AI/ML platform patch management process covering Flowise or equivalent LLM-workflow tools
  • LLM API keys and database credentials accessible to the Flowise server process not isolated behind secrets-management controls
  • No network segmentation restricting access to the Flowise canvas/API to authorised users only
  • Missing monitoring for anomalous OS command execution originating from Flowise server processes
  • No AI governance policy covering third-party AI pipeline tools and their security posture
  • Insufficient input validation on the MCP configuration interface allowing command injection via safe-listed tool arguments
ISO 27001: A.8.8, A.8.9, A.5.15, A.8.16, A.8.20 · NIST CSF 2.0: ID.AM-02, PR.PS-01, PR.AA-01, DE.CM-01, DE.AE-02 · CIS Controls: CIS 1, CIS 7, CIS 13, CIS 16 · ITSG-33: SI-2, RA-5, CM-7, SC-7, AU-6 · OSFI B-13: Patch Mgmt, Vulnerability Management, Access Control, Governance · ISO 42001: A.6, A.10
T4 · CIFSwitch Linux CIFS Kernel Local Privilege Escalation (CVE-2026-46243)
  • No patch management SLA enforced for Linux kernel security updates across enterprise Linux deployments
  • cifs-utils installed by default on distributions where CIFS/SMB is not operationally required, expanding attack surface
  • Local privilege escalation risk not factored into threat model for multi-user Linux server environments
  • Insufficient monitoring for anomalous cifs.upcall and NSS module activity on Linux hosts
  • No compensating control policy for kernel vulnerabilities in environments where patching cannot be completed within 24 hours
ISO 27001: A.8.8, A.8.9, A.8.16 · NIST CSF 2.0: ID.RA-01, PR.PS-01, DE.CM-01 · CIS Controls: CIS 4, CIS 7 · ITSG-33: SI-2, RA-5, CM-7 · OSFI B-13: Patch Mgmt, Vulnerability Management
T5 · Gogs Self-Hosted Git Argument Injection Zero-Day RCE (no CVE assigned)
  • No third-party open-source tool lifecycle policy defining fallback controls when a community project fails to patch critical vulnerabilities within an acceptable timeframe
  • Internet-facing Gogs instances with open user registration enabled, no deployment governance requiring its disablement
  • No network segmentation restricting Gogs web interface access to authenticated VPN-bound users only
  • No monitoring for anomalous Gogs server process behaviour, such as unexpected child processes or git rebase invocations containing shell metacharacters
  • No source-code repository integrity monitoring to detect unauthorised commits or CI/CD pipeline modifications post-compromise
ISO 27001: A.5.19, A.5.20, A.8.8, A.8.9, A.8.16, A.8.20 · NIST CSF 2.0: GV.SC-01, ID.RA-01, PR.PS-01, DE.CM-01, DE.AE-02 · CIS Controls: CIS 1, CIS 4, CIS 7, CIS 13, CIS 16 · ITSG-33: SA-12, RA-5, CM-7, SC-7, AU-6 · OSFI B-13: Third-Party Risk, Patch Mgmt, Vulnerability Management, Governance

Privacy Act / PIPEDA & OSFI: T1 and T2 carry PIPEDA exposure for Canadian private-sector organizations. For T1 (Netlogon): a domain controller compromise at any organization subject to PIPEDA that processes personal data requires a mandatory breach notification assessment under s.10.1, because the DC is the trust root for the entire environment. For T2 (WP Maps Pro): any organization whose WordPress site collects personal data of Canadians and where exploitation is confirmed must assess PIPEDA s.10.1 notification obligations; PIPEDA Principle 4.7 (safeguards) is also engaged by the absent access control on the AJAX endpoint. OSFI-regulated entities should treat T1 as a B-13 emergency patch event regardless of PIPEDA applicability. ISO 42001: T3 (Flowise) is an AI system management concern, because the RCE sits in a third-party LLM-workflow platform, engaging Annex A.6 (AI system life cycle) and A.10 (Third-party relationships) for organizations that have placed Flowise or equivalent tooling inside their AIMS boundary.

Risk Triage

Threats are assigned to primary zones based on their dominant organizational risk characteristic. A threat may appear in a secondary zone when it presents a materially distinct compounding risk dimension.

Exposure Velocity

Active exploitation or weaponized capability with immediate organizational exposure if unaddressed.

  • T1 · Windows Netlogon CVE-2026-41089, active exploitation confirmed by CCB

    CCB confirms threat actors are exploiting the pre-authentication Netlogon RCE in the wild. Patch immediately; restrict DC network access as an interim control where patching is delayed.

  • T2 · WP Maps Pro CVE-2026-8732, 3,600+ attacks in 24 hours per BleepingComputer

    Automated exploitation is ongoing at scale. Upgrade to v6.1.1 immediately; audit WordPress admin accounts for rogue entries created before the patch was applied.

  • T3 · Flowise CVE-2026-40933, public PoC delivers reverse shell

    Obsidian Security confirmed a working PoC automating server RCE via malicious chatflow import. Upgrade to 3.1.0 and rotate all LLM API credentials accessible from the Flowise server.

  • T5 · Gogs zero-day, Metasploit module public, no patch, 2,400+ exposed instances

    Rapid7 published a Metasploit module automating full exploitation. No vendor patch. Disable open registration and the "Rebase before merging" option; move all internet-facing Gogs instances behind VPN immediately.

Incident Pressure

Confirmed campaign or large-scale exposure with direct impact on organizations or their data.

  • T2 · WP Maps Pro, thousands of sites may already be compromised

    The scale of exploitation (3,600+ attacks/24h) means WordPress sites running vulnerable versions for any period of internet exposure should be treated as potentially compromised. Forensic review of admin logs and post-exploitation artefacts is warranted before simply patching.

Governance & Control Gaps

Structural control deficiencies revealed by the day's threats, independent of any single exploit.

  • T3 · Flowise, AI platform tools outside the patch management programme

    CVE-2026-40933 reveals that AI-workflow platforms are not yet treated as production infrastructure requiring formal patch SLAs, secrets isolation, and access controls equivalent to the services they connect to.

  • T4 · CIFSwitch, kernel LPE SLA gaps on enterprise Linux

    CVE-2026-46243 exposes the absence of enforced patch SLAs for Linux kernel security updates; cifs-utils installed by default on distributions where CIFS is not required unnecessarily expands the attack surface.

  • T5 · Gogs, no open-source tool lifecycle policy for unpatched critical flaws

    Gogs maintainers were notified March 17, 2026 and have not issued a patch; organisations have no governance process requiring migration or isolation when a community project fails to remediate a critical vulnerability within an acceptable window.

Strategic Posture

Cross-cutting pattern requiring board-level awareness and programme-level response.

  • T1 · T2 · T3 · T4 · T5 · Broken trust assumptions across authentication, web, AI, and developer infrastructure defaults

    All five threats exploit a trust assumption that is not enforced at the code level: Netlogon trusts unauthenticated requests; WP Maps Pro trusts a public nonce as access control; Flowise trusts authenticated MCP input; CIFSwitch trusts CIFS key request origin; Gogs trusts branch names. This is a programme-level signal: vendor-default trust assumptions are insufficiently adversarial across the stack, and organisations should audit implicit trust in both new and legacy infrastructure.

Remediation Actions

Consolidated actions across all five threats, organized by time horizon. T-badges indicate which threat each action addresses.

0 – 24 hours

Immediate response

  • T1 · Apply Microsoft May 2026 Patch Tuesday updates for CVE-2026-41089 to all Windows domain controllers. Restrict TCP/445 and Netlogon RPC to trusted subnets where patching is delayed.
  • T2 · Upgrade WP Maps Pro to v6.1.1 on all WordPress sites. Enumerate all admin accounts and remove any unexpected entries created since the plugin was first installed.
  • T3 · Upgrade Flowise to 3.1.0. Rotate all LLM API keys, database credentials, and secrets accessible from the Flowise server process, regardless of whether exploitation is confirmed.
  • T5 · Disable open user registration and the "Rebase before merging" option on all Gogs instances. Restrict internet-accessible instances to VPN-only access immediately.
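The T2 action above asks for an enumeration of administrator accounts created since the plugin was first installed. As an added example (not from the brief, Wordfence, or WP Maps Pro), this Python script expresses that check as one SQL join over the standard WordPress `wp_users` and `wp_usermeta` tables, assuming the default `wp_` table prefix; role membership lives in the PHP-serialised `wp_capabilities` meta value. The rows it loads are constructed sample data in an in-memory SQLite database so the query can be exercised offline; on a live site the same SQL runs unchanged in the MySQL client, and `wp user list --role=administrator` returns the same set through WP-CLI.

```python
"""Find WordPress administrator accounts registered on or after a given date.
Added example with constructed data; default 'wp_' table prefix assumed, so
the role meta key is 'wp_capabilities' (it changes with the prefix)."""
import sqlite3

# Constructed: the date WP Maps Pro was first installed on this site.
PLUGIN_INSTALLED = "2026-03-01 00:00:00"

# WordPress stores role membership as a PHP-serialised array in wp_usermeta.
ADMIN_CAPS = 'a:1:{s:13:"administrator";b:1;}'
EDITOR_CAPS = 'a:1:{s:6:"editor";b:1;}'

RECENT_ADMINS_SQL = """
SELECT u.ID, u.user_login, u.user_email, u.user_registered
FROM wp_users AS u
JOIN wp_usermeta AS m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_capabilities'
  AND m.meta_value LIKE '%"administrator"%'
  AND u.user_registered >= ?
ORDER BY u.user_registered
"""


def build_sample_db():
    """Constructed stand-in for the live wp_users / wp_usermeta tables."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT,
                               user_email TEXT, user_registered TEXT);
        CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, user_id INTEGER,
                                  meta_key TEXT, meta_value TEXT);
    """)
    # Constructed accounts: two legitimate users and one admin created after the
    # plugin install date, which is the pattern the T2 action says to look for.
    users = [
        (1, "siteowner", "owner@example.org", "2024-01-10 09:12:00", ADMIN_CAPS),
        (2, "jdoe", "jdoe@example.org", "2025-06-02 14:30:00", EDITOR_CAPS),
        (3, "svc_maps_admin", "noreply@example.net", "2026-05-28 02:14:07", ADMIN_CAPS),
    ]
    for uid, login, email, registered, caps in users:
        conn.execute("INSERT INTO wp_users VALUES (?, ?, ?, ?)",
                     (uid, login, email, registered))
        conn.execute("INSERT INTO wp_usermeta (user_id, meta_key, meta_value) "
                     "VALUES (?, 'wp_capabilities', ?)", (uid, caps))
    conn.commit()
    return conn


def find_recent_admins(conn, since=PLUGIN_INSTALLED):
    """Administrators whose registration timestamp is on or after `since`.
    WordPress writes 'YYYY-MM-DD HH:MM:SS', which compares correctly as text."""
    return [tuple(row) for row in conn.execute(RECENT_ADMINS_SQL, (since,))]


if __name__ == "__main__":
    db = build_sample_db()
    for uid, login, email, registered in find_recent_admins(db):
        print(f"REVIEW: user {uid} {login} <{email}> registered {registered}")
```

Every row returned needs a human decision, not automatic deletion: a legitimately onboarded administrator will also appear if they were created after the plugin install date, so compare the list against HR or ticketing records before removing accounts.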

7 days

Short-term hardening

  • T1 · Complete DC patch validation via configuration-management scan. Tune SIEM for anomalous Netlogon RPC traffic and unexpected lsass child processes.
  • T2 · Review web server access logs for hits to the wpgmp_temp_access_ajax endpoint. Treat any matches as probable exploitation and initiate incident-response review.
  • T3 · Audit Flowise MCP stdio server configurations for unexpected commands. Enable authentication on all unprotected Flowise instances and restrict MCP configuration to trusted admins.
  • T4 · Apply distribution kernel updates containing commit 3da1fdf. Remove cifs-utils from systems where CIFS mounts are not operationally required.
  • T5 · Audit Gogs server logs for anomalous git rebase invocations and unexpected child processes. Rotate all deploy keys and SSH keys stored in or accessible from any Gogs instance.
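Two of the 7-day actions above are log reviews: hits on the wpgmp_temp_access_ajax endpoint (T2) and git rebase invocations carrying option-like or shell-metacharacter arguments (T5). As an added example, not code from the brief, Wordfence, Gogs or Rapid7, the script below runs both checks over constructed samples: an Apache/nginx combined-format access log, and process command lines in the form a process monitor or auditd execve record would give after reassembly (Gogs' own log format is not assumed). The function names and the sample lines are mine.

```python
"""Detection checks for two of the 7-day review actions, run over constructed
samples. Added example; no real telemetry or vendor code is involved."""
import re
import shlex
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" access-log format, fields up to the status code.
ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
WPMAPS_ACTION = "wpgmp_temp_access_ajax"
SHELL_META = re.compile(r"[;&|`$<>]")

# Constructed access-log lines (documentation IP ranges, no real hosts).
ACCESS_LOG = [
    '203.0.113.7 - - [28/May/2026:02:14:05 +0000] "POST /wp-admin/admin-ajax.php?action=wpgmp_temp_access_ajax HTTP/1.1" 200 512 "-" "python-requests/2.31"',
    '203.0.113.7 - - [28/May/2026:02:14:06 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 312 "-" "python-requests/2.31"',
    '198.51.100.2 - - [28/May/2026:02:15:10 +0000] "GET /contact/ HTTP/1.1" 200 8412 "-" "Mozilla/5.0"',
    '198.51.100.2 - - [28/May/2026:02:15:12 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 120 "https://example.org/contact/" "Mozilla/5.0"',
]

# Constructed process command lines as a process monitor might record them.
CMDLINES = [
    "/usr/bin/git rebase origin/main",
    "git rebase -x uname feature/x",
    "git rebase 'feat;uname' main",
    "/usr/bin/git fetch --all",
]


def parse_access_line(line):
    m = ACCESS_RE.match(line)
    return m.groupdict() if m else None


def find_wpmaps_hits(lines):
    """Requests naming the vulnerable AJAX action in the query string.
    POST bodies are not logged, so pair this with admin_ajax_post_counts()."""
    hits = []
    for line in lines:
        rec = parse_access_line(line)
        if rec is None:
            continue
        url = urlsplit(rec["target"])
        actions = parse_qs(url.query).get("action", [])
        if url.path.endswith("/admin-ajax.php") and WPMAPS_ACTION in actions:
            hits.append((rec["ip"], rec["ts"], rec["method"], rec["target"]))
    return hits


def admin_ajax_post_counts(lines):
    """POSTs to admin-ajax.php per client IP, for volume-based triage of
    requests whose action parameter travelled in an unlogged body."""
    counts = Counter()
    for line in lines:
        rec = parse_access_line(line)
        if rec and rec["method"] == "POST" and \
                urlsplit(rec["target"]).path.endswith("/admin-ajax.php"):
            counts[rec["ip"]] += 1
    return counts


def flag_rebase_cmdline(cmdline):
    """Reason string for a `git rebase` command line whose arguments carry an
    exec hook or shell metacharacters, else None (non-rebase commands pass)."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:
        return "unparseable command line"
    if len(argv) < 2 or argv[0].rsplit("/", 1)[-1] != "git" or argv[1] != "rebase":
        return None
    for arg in argv[2:]:
        if arg in ("-x", "--exec") or arg.startswith("--exec="):
            return f"rebase exec hook: {arg}"
        if SHELL_META.search(arg):
            return f"shell metacharacter in argument: {arg}"
    return None


def flag_rebase_cmdlines(cmdlines):
    flagged = []
    for cmdline in cmdlines:
        reason = flag_rebase_cmdline(cmdline)
        if reason is not None:
            flagged.append((cmdline, reason))
    return flagged


if __name__ == "__main__":
    for hit in find_wpmaps_hits(ACCESS_LOG):
        print("WPMAPS HIT:", hit)
    print("admin-ajax POSTs by IP:", dict(admin_ajax_post_counts(ACCESS_LOG)))
    for cmdline, reason in flag_rebase_cmdlines(CMDLINES):
        print(f"REBASE FLAG: {reason!s:45} <- {cmdline}")
```

On a real review, feed `find_wpmaps_hits` the full retention window rather than the window since disclosure: the register treats any vulnerable-version exposure as potentially exploited, and the per-IP POST counts are the fallback signal when the action name only ever appeared in request bodies.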

14 – 30 days

Programme remediation

  • T1 · T4 · Review and update emergency patch SLAs for Windows domain controllers and Linux kernel CVEs; classify these as P1 requiring same-day patching or documented compensating controls.
  • T3 · Establish a patch management and secrets-isolation policy covering all AI-workflow platform tools (Flowise, LangChain, n8n, etc.) with SLAs matching the sensitivity of connected infrastructure.
  • T2 · Implement a WordPress plugin governance policy: inventory all plugins, enforce pre-deployment review, and define SLA-driven response to critical plugin CVEs.
  • T5 · If no Gogs patch within 30 days, initiate migration to an actively maintained Git platform with a defined security response SLA. Implement repository integrity monitoring and code-signing for CI/CD pipelines.

Ongoing

Structural controls

  • T1 · T4 · Enforce network segmentation for domain controllers and multi-user Linux environments. Audit SMB/RPC exposure and cifs.upcall activity periodically.
  • T3 · T5 · Integrate AI-workflow platforms and developer infrastructure tools (Gogs, Gitea, Jenkins) into the continuous vulnerability management programme with risk-tiered SLAs.
  • T2 · T5 · Implement supply chain governance for third-party web plugins and open-source infrastructure tools: require documented security review at adoption and defined escalation paths when community projects fail to patch critical flaws.

Provenance

Cadence

Published each weekday. Primary intelligence drawn from BleepingComputer, SecurityWeek, The Hacker News, The Record, KrebsOnSecurity, and researcher disclosures, supplemented by vendor advisories, the Canadian Centre for Cyber Security, CVE and NVD records, and MITRE ATT&CK frameworks.

Contact Sovereign GRC for risk advisory or a threat profile tailored to your environment
