CVE-2026-0456

Name of the Vulnerable Software and Affected Versions MedSys (affected versions not specified) MedTech (affected versions not specified) Banking software (affected versions not specified)

Description A widespread ransomware campaign has impacted over 500 critical infrastructure organizations, including those in the energy, healthcare, and transportation sectors. More than 50 financial institutions and over 200 US healthcare organizations have been affected, resulting in major service disruptions and data breaches impacting millions of individuals. Approximately 1.5 million patient records have been compromised, with ransom demands exceeding $10 million. The attacks are attributed to multiple ransomware variants, including DarkLock, DarkSky, and RansomX, all exploiting a zero-day issue identified as CVE-2026-0456. The FBI has issued emergency advisories and is actively investigating the incidents. Electronic Health Records (EHRs) and patient care have been disrupted in the healthcare sector.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.