10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
CVE-2026-22238The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX admin APIs.
CVSS 10
Potential privilege escalation to admin/root
New critical Blusparkglobal Bluvoyix privilege escalation (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
CVE-2026-22236The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX backend APIs.
CVSS 10
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2026-22237The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation.
CVSS 10
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.