BVTech News – Six New KEV Entries Hit This Week (July 15, 2026)
Good morning, folks. Jordan here with your daily cybersecurity briefing. Over the past two days, CISA added six new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Several carry brutally short federal deadlines, which tells me attackers are actively hitting these right now. Let me walk you through each one in plain English, and more importantly, what you should do about it.
The Two Most Urgent: SonicWall SMA1000
If you run a SonicWall SMA1000 appliance for remote access, drop what you're doing. Two vulnerabilities landed here:
- CVE-2026-15409 – Server-Side Request Forgery. Added 2026-07-14, federal due date 2026-07-17.
- CVE-2026-15410 – Code Injection. Added 2026-07-14, federal due date 2026-07-17.
A code injection flaw on an internet-facing remote-access box is about as bad as it gets. The three-day federal deadline is a loud signal. My advice: check SonicWall's advisory for the patched firmware, apply it immediately, and if you can't patch today, restrict management access to trusted IPs only. Review your logs for anything unusual while you're in there.
Microsoft SharePoint Server
CVE-2026-56164 is a Missing Authentication for Critical Function vulnerability in Microsoft SharePoint Server. Added 2026-07-14, federal due 2026-07-17. If you host SharePoint on-premises, this means an attacker may be able to reach a critical function without logging in. Apply Microsoft's update now. If you're on SharePoint Online (Microsoft 365), Microsoft handles the backend, but you should still confirm your tenant configuration.
Microsoft Active Directory Federation Services
CVE-2026-56155 is an Insufficient Granularity of Access Control vulnerability in Microsoft Active Directory Federation Services (AD FS). Added 2026-07-14, federal due 2026-07-28. If your business uses AD FS for single sign-on, patch this. AD FS sits at the heart of your identity system, so any access-control weakness here can cascade across every connected application.
Oracle E-Business Suite
CVE-2026-46817 is an Improper Privilege Management vulnerability in Oracle E-Business Suite. Added today, 2026-07-15, with a federal due date of 2026-07-18. Privilege management flaws let a lower-level user gain rights they shouldn't have. Fewer small shops run Oracle EBS, but if you do—especially in manufacturing or distribution—get on Oracle's patch cycle for this one right away.
KNX Protocol (Building Automation)
CVE-2023-4346 affects the KNX Association KNX Protocol Connection Authorization Option 1, described as an Overly Restrictive Account Lockout Mechanism vulnerability. Added 2026-07-15, federal due 2026-07-29. This one is easy to overlook because KNX runs building automation—HVAC, lighting, access control. If you have smart building systems, ask your integrator whether KNX is in the mix and whether a firmware fix is available.
My Bottom Line for Texas Small Businesses
Here's how I'd prioritize this week:
- Today: SonicWall SMA1000 (both CVEs) and SharePoint Server—all due July 17.
- This week: Oracle E-Business Suite (due July 18).
- Before month-end: AD FS (due July 28) and KNX (due July 29).
These federal due dates are for government agencies, but they're an excellent risk yardstick for the rest of us. A three-day deadline means "actively exploited, patch now." If you're unsure whether any of these products touch your environment, that's exactly the kind of question we help with. Stay safe out there, and I'll see you tomorrow.
— Jordan Polasek, Founder, BVTech LLC