The “vulnpocalypse” you were warned of has arrived: July’s Patch Tuesday brings a record 630+ Microsoft vulnerabilities – 63 of them rated critical, 14 of them RCEs and three known-exploited.

Top of this pile of security flaws is CVE-2026-56155, an actively exploited vulnerability in Microsoft’s ubiquitous identity and access management platform Active Directory Federation Service (AD FS).

Get the full story: Subscribe for free

Join peers managing over $100 billion in annual IT spend and subscribe to unlock full access to The Stack’s analysis and events.

Subscribe now

Already a member? Sign in