Microsoft released its June 2026 security updates to fix 200 vulnerabilities, including three publicly disclosed zero-days in Windows. The zero-days include CVE-2026-45586, a local privilege-escalation flaw in the Windows Collaborative Translation Framework (CTFMON) that can grant SYSTEM access, CVE-2026-49160 in HTTP.sys, and CVE-2026-50507, a BitLocker security-feature bypass requiring physical access. Microsoft says none of the three were known to be exploited at patch time.
2026.06.10
98% relevant
This article reports on the same June 2026 Microsoft Patch Tuesday event and adds detail that it is Microsoft's largest Patch Tuesday on record, highlights the wormable Windows core flaw CVE-2026-45657, and notes that CVE-2026-41091 in Microsoft Defender was already added to CISA's KEV catalog as actively exploited.
Sergiu Gatlan
2026.06.10
69% relevant
This is part of the same June 2026 Patch Tuesday event and adds concrete detail that the patched zero-days include YellowKey CVE-2026-45585 and MiniPlasma CVE-2020-17103 alongside GreenPlasma CVE-2026-45586.
info@thehackernews.com (The Hacker News)
2026.06.10
98% relevant
This appears to be another report on the same June 2026 Microsoft Patch Tuesday event, describing the monthly batch of fixes, including three zero-days and critical RCE issues; it mainly adds alternate coverage and a slightly different flaw count.
2026.06.09
97% relevant
This article is another report on the same June 2026 Patch Tuesday event, adding count details (206 CVEs, 38 critical), noting that none are yet confirmed exploited in the wild, and highlighting that CVE-2026-50507 is publicly disclosed while CVE-2026-49160 (HTTP.sys) was also patched in the same release.
BrianKrebs
2026.06.09
98% relevant
This article is directly about the same June 2026 Patch Tuesday event and adds context on the record-breaking volume, the link to Nightmare Eclipse's GreenPlasma and YellowKey disclosures, and Microsoft's acknowledgment that June's browser fixes pushed the broader total far beyond the Patch Tuesday count.
Eduard Kovacs
2026.06.09
98% relevant
This article is a direct report on the same June 2026 Microsoft Patch Tuesday event, adding that none of the flaws appears exploited in the wild, identifying CVE-2026-49160 as tied to the HTTP/2 Bomb denial-of-service technique, and noting nearly 40 issues are rated critical across Windows, Azure, Office, Outlook, Exchange, and AI tools.
Lawrence Abrams
2026.06.09
92% relevant
This article is the Windows 10 ESU/LTSC delivery of the June 2026 Patch Tuesday fixes, confirming KB5094127 includes that month's 200 vulnerability fixes and adding operational details about Secure Boot certificate rollout monitoring and a known BitLocker recovery issue after recent updates.
Lawrence Abrams
2026.06.09
100% relevant
The article establishes the broader June 2026 Microsoft Patch Tuesday event and introduces two publicly disclosed zero-days not already captured as standalone tracked stories.
Mayank Parmar
2026.06.09
93% relevant
This article is the Windows 11 client-side rollout detail for the same June 2026 Patch Tuesday event, adding the specific KB packages (KB5094126 and KB5093998), affected Windows 11 versions (25H2/24H2 and 23H2), build numbers, and deployment guidance for installing the security fixes.