PatchDay Alert

Free · Weekday mornings

The daily digest. Straight to your inbox.

Written for sysadmins. Not security researchers. Not CISOs. You: the person who just got 12 CISA tickets assigned with zero context and is expected to triage them by lunch.

New subscribers get the CVE triage cheat sheet, a printable one-pager for triaging fresh CVEs, in the welcome email.


What you get

  1. Plain-English CVE summaries

    If you can't read a CVE writeup cold and know what to do, the digest is for you. No CVSS jargon dumps.

  2. Patch urgency in one line

    Patch today, patch this week, or safe to skip. Every entry. No ambiguity about what the ticket needs.

  3. Exploited-in-the-wild front and center

    CISA KEV catches things NVD-severity alone misses. Anything actively exploited gets flagged before anything else.

  4. Patch Tuesday edition ships wider

    Second Wednesday of each month: expanded digest with vendor sections (Microsoft, Adobe, Chromium, everything else).


Latest sample issue

Jun 12, 2026 · Subject: MariaDB Galera CVSS 10 RCE, Chrome + MongoDB UAFs

MariaDB Galera hits CVSS 10.0: unauthenticated RCE through a clustering feature

Five patches today, nothing exploited in the wild yet, but one deserves your full attention right now. MariaDB with Galera replication has a CVSS 10.0 unauthenticated RCE: if you have `wsrep_notify_cmd` enabled, an attacker controlling a joiner node name can inject shell commands straight into the server. Chrome on macOS and MongoDB also picked up 8.8-rated use-after-free bugs worth patching this cycle.
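To check the precondition named above, here is an added example (not part of the digest or any vendor tooling): a small Python scan of MariaDB option-file text for a non-empty `wsrep_notify_cmd`. The sample file and the function names are constructed for illustration, and the scan reads only the text it is given, so `!include`d files and command-line options need checking separately.

```python
import re

# Constructed sample option file (not from any real host).
SAMPLE_CNF = """\
[mysqld]
datadir = /var/lib/mysql
# wsrep_notify_cmd = /old/path.sh   (commented out, ignored)

[galera]
wsrep_on = ON
wsrep-notify-cmd = "/usr/local/bin/notify.sh"
"""

TARGET = "wsrep_notify_cmd"

def notify_cmd_settings(cnf_text):
    """Return (line_no, section, value) for each wsrep_notify_cmd assignment."""
    found, section = [], None
    for line_no, raw in enumerate(cnf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;" or line.startswith("!"):
            continue  # blank line, comment, or !include directive (not followed)
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        name, _, value = line.partition("=")
        # Option files accept '-' in place of '_' and an optional 'loose-' prefix.
        name = name.strip().lower().replace("-", "_")
        if name.startswith("loose_"):
            name = name[len("loose_"):]
        if name == TARGET:
            found.append((line_no, section, value.strip().strip("'\"")))
    return found

def is_enabled(cnf_text):
    """True if any assignment gives wsrep_notify_cmd a non-empty value."""
    return any(value for _, _, value in notify_cmd_settings(cnf_text))

if __name__ == "__main__":
    for line_no, section, value in notify_cmd_settings(SAMPLE_CNF):
        print(f"line {line_no} [{section}]: wsrep_notify_cmd = {value!r}")
    print("enabled:", is_enabled(SAMPLE_CNF))
```

On a live server, `SHOW GLOBAL VARIABLES LIKE 'wsrep_notify_cmd';` reports the value actually in effect, which is the authoritative check.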

One item / urgency verdict

Patch within 24 hours

CVE-2026-11774

An integer overflow in the SASL I/O layer of 389 Directory Server lets an attacker bypass the max packet size check and smash the heap with about 2 MB of controlled data.

Update 389-ds-base to the latest patched version from your distro's repos. If you can't patch immediately, audit which principals have SASL bind access and monitor for abnormally large SASL packets.