The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SimpleHelp software flaw to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-48558, the vulnerability carries the maximum CVSS v3.1 score of 10.0. It affects SimpleHelp versions 5.5.15 and earlier, as well as pre-release builds of version 6.0. The flaw is an authentication bypass that is reachable when OpenID Connect (OIDC) authentication is enabled: the software fails to properly verify the cryptographic signatures of identity tokens, so a token's claims can be trusted without proof that the identity provider actually issued them. CISA's inclusion of CVE-2026-48558 in the KEV catalog confirms that the vulnerability is being actively exploited in the wild [1]. Administrators running SimpleHelp should therefore apply the available updates immediately, or implement the vendor's stated mitigations, to prevent compromise and unauthorized access.
U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
⚠️ Critical Alert
Why This Matters
CVE-2026-48558 is listed in CISA's KEV catalog, which records only vulnerabilities with evidence of active exploitation; that listing puts it firmly in the patch-now category rather than monitor.
References
- SecurityAffairs. (2026, June 30). U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog. *SecurityAffairs*. https://securityaffairs.com/194503/security/u-s-cisa-adds-simplehelp-flaw-to-its-known-exploited-vulnerabilities-catalog.html
Original Source
SecurityAffairs