Serial number: AV26-492. Date: May 20, 2026. Updated: May 22, 2026. On May 20, 2026, Drupal published a security advisory to address a critical vulnerability in the following product: Drupal Core – multiple versions. Update 1: Drupal has indicated that exploit attempts for CVE-2026-9082 are now being detec
Serial number: AV26-501. Date: May 22, 2026. On May 22, 2026, F5 published a security advisory to address a critical vulnerability in the following products: NGINX Plus – multiple versions; NGINX Open Source – multiple versions; NGINX Instance Manager – versions 2.17.0 to 2.22.0; F5 WAF for NGINX – versio
Serial number: AV26-500. Date: May 22, 2026. On May 22, 2026, HPE published a security advisory to address vulnerabilities in the following product: HPE Telco Universal SLA Management – version 4.6 and prior. The Cyber Centre encourages users and administrators to review the provided web links and appl
Serial number: AV26-499. Date: May 22, 2026. On May 21, 2026, cPanel published security advisories to address vulnerabilities in the following products: cPanel & WebHost Manager (WHM) software – version 11.126.0.63 and later, version 11.134.0.30 and later, version 11.136.0.14 and later; WP Squared 11.1
Serial number: AV26-498. Date: May 22, 2026. On May 21, 2026, Ubiquiti published a security advisory to address vulnerabilities in the following products. Included were critical updates for the following: Express – version 4.0.13 and prior; UCG-Industrial – version 5.0.13 and prior; UDM, UDM-Pro, UDM-SE,
Serial number: AV26-497. Date: May 22, 2026. On May 21, 2026, Microsoft published a security update to address vulnerabilities in the following product: Microsoft Edge Stable Channel – versions prior to 148.0.3967.83. The Cyber Centre encourages users and administrators to review the provided web link a
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-9082, Drupal Core SQL Injection Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to
Serial number: AV26-494. Date: May 21, 2026. On May 21, 2026, Trend Micro published a security advisory to address vulnerabilities in the following products: Apex One (on-premise) – server/agent builds prior to 2019 (on-prem) build 17079; Apex One as a service – SaaS; Trend Vision One Endpoint - SEP – ag
Serial number: AV26-496. Date: May 21, 2026. On May 21, 2026, ConnectWise published a security advisory to address a vulnerability in the following product: ConnectWise Automate – versions prior to 2026.5. The Cyber Centre encourages users and administrators to review the provided web links and apply th
Serial number: AV26-495. Date: May 21, 2026. On May 20, 2026, FreeBSD published security advisories to address vulnerabilities in the following product: FreeBSD – all supported versions. The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.
Summary: ABB became aware of a vulnerability in the product versions listed as affected in the advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified vulnera
Summary: ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could pollute heap memory, potentially taking remote control of the product and performing a write operation to the
Summary: ABB became aware of a vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network attacker could exploit the vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS c
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2025-34291, Langflow Origin Validation Error Vulnerability; CVE-2026-34926, Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability. These types of vulne
Summary: An update is available that resolves a vulnerability identified by B&R's internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the conte
Summary: Hitachi Energy is aware of the vulnerability CVE-2022-4304 in the OSS component OpenSSL, which affects the GMS600 versions listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to process them
Serial number: AV26-493. Date: May 20, 2026. On May 20, 2026, Splunk published security advisories to address vulnerabilities in the following products. Included were critical updates for the following: Splunk User Behavior Analytics – versions prior to 5.4.5; Splunk AppDynamics Machine Agent – versions
Serial number: AV26-491. Date: May 20, 2026. On May 20, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following: Cisco Secure Workload – version 3.9 and prior; Cisco Secure Workload – versions prior to 3.10.8.3; Cisco Sec
Serial number: AV26-490. Date: May 20, 2026. On May 20, 2026, ISC published security advisories to address vulnerabilities in the following products: ISC BIND 9 – versions 9.0.0 to 9.16.50; ISC BIND 9 – versions 9.18.0 to 9.18.48; ISC BIND 9 – versions 9.20.0 to 9.20.22; ISC BIND 9 – versions 9.21.0 to 9.
Serial number: AV26-489. Date: May 20, 2026. On May 18 and 19, 2026, Microsoft published security advisories to address vulnerabilities, including some critical ones, in the following products: Microsoft Azure Local; Microsoft Azure Resource Manager; Microsoft Azure Portal; Windows Admin Center; Microsoft
Serial number: AV26-488. Date: May 20, 2026. On May 19, 2026, cPanel published security advisories to address vulnerabilities in the following product: cPanel & WebHost Manager (WHM) software – versions 11.86.0.45, 11.94.0.32, 11.102.0.43, 11.110.0.120 (cl6110), 11.110.0.121, 11.118.0.68, 11.124.0.41, 1
Serial number: AV26-487. Date: May 20, 2026. On May 19, 2026, HPE published a security advisory to address a vulnerability in the following products: HPE Aruba Networking Management Software (Airwave) – version 8.3.0.6 and prior; HPE Aruba Networking AOS-CX – multiple versions; HPE Aruba Networking EdgeCo
Serial number: AV26-486. Date: May 20, 2026. On May 19, 2026, Google published a security advisory to address vulnerabilities in the following product: Stable Channel Chrome for Desktop – versions prior to 148.0.7778.178/179 (Windows/Mac) and 148.0.7778.178 (Linux). The Cyber Centre encourages users and
Serial number: AV26-485. Date: May 20, 2026. On May 19, 2026, F5 published a security advisory to address a critical vulnerability in the following product: NGINX JavaScript (njs) – versions 0.9.4 to 0.9.8. The Cyber Centre encourages users and administrators to review the provided web links and apply t
Serial number: AV26-484. Date: May 20, 2026. On May 19, 2026, FreePBX published security advisories to address vulnerabilities in the following products: FreePBX Security-Reporting cdr (FreePBX 16) – versions 16.0.50 and prior; FreePBX Security-Reporting cdr (FreePBX 17) – versions 17.0.11 and prior; Fre
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2008-4250, Microsoft Windows Buffer Overflow Vulnerability; CVE-2009-1537, Microsoft DirectX NULL Byte Overwrite Vulnerability; CVE-2009-3459, Adobe Acrobat and Rea
A vulnerability has been discovered in Wireshark. It allows an attacker to cause a remote denial of service.
Multiple vulnerabilities have been discovered in Microsoft products. Some of them allow an attacker to cause remote arbitrary code execution, privilege escalation and denial of service. Microsoft indicates that the vulnerabilities CVE-2026-41091 and...
Multiple vulnerabilities have been discovered in Docker. They allow an attacker to cause remote arbitrary code execution.
Multiple vulnerabilities have been discovered in Microsoft Windows. They allow an attacker to cause privilege escalation and a security policy bypass. Microsoft indicates that a proof of concept is publicly available for the vulnerability...
Multiple vulnerabilities have been discovered in Symfony. Some of them allow an attacker to cause a remote denial of service, remote cross-site scripting (XSS) and cross-site request forgery (CSRF).
A vulnerability has been discovered in F5 NGINX. It allows an attacker to cause arbitrary code execution and a remote denial of service.
Multiple vulnerabilities have been discovered in Atlassian products. Some of them allow an attacker to cause remote arbitrary code execution, a remote denial of service and a breach of data confidentiality.
Multiple vulnerabilities have been discovered in Google Chrome. They allow an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in ISC BIND. They allow an attacker to cause a remote denial of service and a security issue not specified by the vendor.
Serial number: AV26-483. Date: May 19, 2026. On May 19, 2026, Atlassian published a security advisory to address vulnerabilities, including some critical ones, in the following products: Bamboo Data Center and Server – multiple versions; Bitbucket Data Center and Server – multiple versions; Confluence Da
Serial number: AV26-482. Date: May 19, 2026. Between May 11 and 17, 2026, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: Ubuntu 16.04 LTS; Ubuntu 18.04 LTS; Ubuntu 20.04 LTS; Ubuntu 22.04 LTS; Ubuntu 24.04 LTS. The Cyber Centre encourages u
Summary: A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially c
Summary: An update is available that resolves a vulnerability in the product versions listed as affected in this advisory. A path traversal vulnerability in these products can allow unauthenticated users to gain access to restricted directories. Exploiting this vulnerability can lead to compl
Summary: Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. The following versions of ScadaBR are affected: ScadaBR 1.2.0 (CVE-2026-8602, CVE-2026-8603, CVE-2026-8604, CVE-2026-8605). CVSS / Vendor / Equipment / Vulnerabilitie
Summary: Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. The following versions of Kieback & Peter DDC Building Controllers are affected: DDC4002 <=1.12.14 (CVE-2026-4293); DDC4100 <=1.12.14 (CVE-2026-4293); DDC4200 <=1.12.14 (CVE
Summary: Successful exploitation of this vulnerability could result in information disclosure, including capture of camera account credentials. The following versions of ZKTeco CCTV Cameras are affected: SSC335-GC2063-Face-0b77. Solution / CVSS / Vendor / Equipment / Vulnerabilities: v3 9.1, ZKTeco, ZK
Multiple vulnerabilities have been discovered in Microsoft products. They allow an attacker to cause a security issue not specified by the vendor.
A vulnerability has been discovered in Microsoft Azure. It allows an attacker to cause privilege escalation.
Multiple vulnerabilities have been discovered in Mattermost products. They allow an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in GLPI. They allow an attacker to cause a breach of data confidentiality and a security policy bypass.
This CERT-FR news bulletin reviews the significant vulnerabilities of the past week to highlight their criticality. It does not replace the analysis of all the advisories and alerts published by CERT-FR as part of a risk analysis to prioritise the application of...
Multiple vulnerabilities have been discovered in Microsoft Azure Linux. They allow an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in Microsoft Edge. They allow an attacker to cause remote arbitrary code execution, a security policy bypass and a security issue not specified by the vendor.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-42897, Microsoft Exchange Server Cross-Site Scripting Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses
Multiple vulnerabilities have been discovered in IBM products. Some of them allow an attacker to cause remote arbitrary code execution, a remote denial of service and a breach of data confidentiality.
Summary: Siemens gPROMS Web Applications Publisher (gWAP) is affected by a remote code execution vulnerability introduced through a third-party component, namely the Axios HTTP client library. The vulnerability stems from a specific "Gadget" attack chain that allows prototype pollution in o
Summary: SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends updating to the latest version. The following versions of Siemens SI
Summary: Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected produc
Summary: Ruggedcom Rox before v2.17.1 contains multiple third-party vulnerabilities. Siemens has released new versions for the affected products and recommends updating to the latest versions. The following versions of Siemens Ruggedcom Rox are affected: RUGGEDCOM ROX MX5000 vers:intdot/<2.
Summary: Simcenter Femap is affected by a heap-based buffer overflow vulnerability in the Datakit library that could be triggered when the application reads files in IPT format. If a user is tricked into opening a malicious file with the affected application, an attacker could leverage the vulnerabili
Summary: Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code. The following versions of Universal Robots Polyscope 5 are affected: Polyscope 5 <5.25.1. CVSS / Vendor / Equipment / Vulnerabilities: v3 9.8, Universal Robots, Universal Robot
Multiple vulnerabilities have been discovered in Google Chrome. They allow an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in MISP. They allow an attacker to cause privilege escalation, SQL injection (SQLi) and a security policy bypass.
On 20 January 2026, details of the vulnerability CVE-2026-24061, affecting *telnetd*, were published. This vulnerability allows an attacker to bypass authentication and log in to a vulnerable machine as the *root* user. It was introduced in March 2015 and...
On 6 May 2026, Palo Alto published a security advisory addressing a critical vulnerability affecting PAN-OS. This vulnerability allows an unauthenticated attacker to execute arbitrary code with root privileges. Palo Alto observed limited exploitation of this vulnerability. It is strongly recommended
On 29 April 2026, a high-severity local privilege escalation vulnerability in the Linux kernel, tracked as CVE-2026-31431 and named "Copy Fail", was publicly disclosed. The vulnerability affects every mainstream Linux distribution shipping a kernel built since 2017. A public proof-of-concept exploit has bee
On 17 March 2026, Microsoft updated one of its January 2026 security advisories related to a remote code execution vulnerability in Microsoft SharePoint. Specifically, Microsoft raised the CVSS score and changed the FAQ section to indicate that the vulnerability could be exploited by an unauthentica
On 23 March 2026, Citrix published a security advisory addressing multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway. These vulnerabilities may lead to sensitive information disclosure and user session mix-up under specific configurations. At the time of writing, there is no publ
On 25 February 2026, Cisco released security advisories addressing multiple high and critical severity vulnerabilities in Cisco Catalyst SD-WAN controllers and Cisco SD-WAN Manager. If exploited, these vulnerabilities could allow attackers to gain administrative access to compromised systems. It is
On 29 January 2026, Ivanti released a security advisory addressing two critical vulnerabilities in their EPMM products. An attacker could exploit those flaws to achieve unauthenticated remote code execution on the vulnerable device. One of these vulnerabilities has been exploited in a limited numbe
On December 17, 2025, Cisco released a security advisory for a critical vulnerability affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager products. It is recommended to follow Cisco's recommendations to check whether vulnerable appliances have been compromised, and to remedia
On December 3, 2025, the React Team publicly disclosed a critical security vulnerability affecting React Server Components (RSC) and related packages. The vulnerability allows for unauthenticated remote code execution (RCE) via maliciously crafted HTTP requests. It is recommended to update all affec
On October 23, 2025, Microsoft released an out-of-band update to address a critical vulnerability in Windows Server Update Service (WSUS). This vulnerability could allow a remote unauthenticated attacker to execute code on the targeted systems. A proof-of-concept is publicly available for this vulne
On October 14, 2025, Fortinet released a security advisory addressing a high-severity vulnerability in its FortiOS product. It is recommended to update affected products.