Showing 90 advisories
Serial number: AV26-324 Date: April 7, 2026 Between March 30 and April 5, 2026, CISA published ICS advisories to address vulnerabilities in the following products: Anritsu Remote Spectrum Monitor MS27100 – all versions Anritsu Remote Spectrum Monitor MS27101A – all versions Anritsu Remote Spectrum Mo
Serial number: AV26-323 Date: April 7, 2026 On April 7, 2026, Mozilla published security advisories to address vulnerabilities in the following products: Firefox – versions prior to 149.0.2 Firefox ESR – versions prior to 34.1 Firefox ESR – versions prior to 9.1 The Cyber Centre encourages users and
Serial number: AV26-322 Date: April 7, 2026 Between March 30 and April 5, 2026, Dell published security advisories to address vulnerabilities in multiple products: Dell Networking OS10 – versions prior to 10.6.11 Connectrix Switches and Directors – versions prior to sannav_ova_9x_os_02_2026 Elastic C
Serial number: AV26-321 Date: April 7, 2026 On April 7, 2026, Hitachi published security advisories to address vulnerabilities in the following products: Hitachi Ops Center Common Services (Japanese version) – versions prior to 11.0.8-00 Hitachi Ops Center Common Services (English version) – versions
Serial number: AV26-320 Date: April 7, 2026 On April 7, 2026, Erlang published a security advisory to address a vulnerability in the following products: inets (OTP) – versions prior to 9.1.0.6, 9.3.2.4 and 9.6.2 OTP – versions prior to 28.4.2, 27.3.4.10, and 26.2.5.19 Public_key (OTP) – versions prio
Serial number: AV26-319 Date: April 7, 2026 On April 2, 2026, VMware published a security advisory to address critical vulnerabilities in the following products: VMware Tanzu Data Intelligence – versions prior to MySQL for Kubernetes 2.0.2 VMware Tanzu Data Services – versions prior to MySQL for Kube
Serial number: AV26-318 Date: April 7, 2026 Between March 30 and April 5, 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products: Red Hat CodeReady Linux Builder - mul
Serial number: AV26-317 Date: April 7, 2026 Between March 30 and April 5, 2026, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products: Ubuntu 14.04 LTS Ubuntu 16.04 LTS Ubuntu 18.04 LTS Ubuntu 20.04 LTS Ubuntu 22.04 LTS Ubuntu 24.04 LTS Ubun
Serial number: AV26-316 Date: April 7, 2026 Between March 30 and April 5, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: API Connect V12 OnPrem - versions 12.1.0.0 and 12.1.0.1 Automation Assets in IBM Cloud P
Number: AL26-007 Date: April 7, 2026 Audience This Alert is intended for IT professionals and managers. Purpose An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients.
Serial number: AV26-315 Date: April 7, 2026 On April 1, 2026, Microsoft published a security update to address vulnerabilities in the following product: Microsoft Edge Stable Channel - versions prior to 146.0.3856.97 Microsoft has indicated that CVE-2026-5281 has an available exploit. The Cyber Centr
Serial number: AV26-314 Date: April 7, 2026 On April 6, 2026, Android published a security bulletin to address vulnerabilities affecting Android devices. The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates. Android Security Bulletin
Serial number: AV26-313 Date: April 7, 2026 On April 4, 2026, Fortinet published a security advisory to address a critical vulnerability in the following product: FortiClientEMS 7.4 – version 7.4.5 to 7.4.6 On April 6, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-35616
View CSAF Summary Successful exploitation of these vulnerabilities could allow a local attacker to disclose SQL Server credentials used by the affected products and use them to disclose, tamper with, or destroy data, or to cause a denial-of-service (DoS) condition on the system. The following versio
Advisory at a Glance Title Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure Original Publication April 7, 2026 Executive Summary Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-fac
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-35616 - Fortinet FortiClient EMS Improper Access Control Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and p
Serial number: AV26-312 Date: April 2, 2026 On April 2, 2026, OpenSSH published a security advisory to address vulnerabilities in the following product: OpenSSH - versions prior to 10.3 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updat
Serial number: AV26-311 Date: April 2, 2026 On April 2, 2026, Cesanta published a security advisory to address vulnerabilities in the following product: Mongoose - versions 7.0 to 7.20 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary update
Serial number: AV26-310 Date: April 2, 2026 On April 2, 2026, Progress published a security advisory to address vulnerabilities in the following product: Progress ShareFile - versions prior to v5.12.4 and versions prior to v6 The Cyber Centre encourages users and administrators to review the provided
Serial number: AV26-309 Date: April 2, 2026 On April 1, 2026, WatchGuard published a security advisory to address a vulnerability in the following products: Fireware OS 2025-1 - versions 2025.1 to 2026.1.2 Fireware OS 12.x - versions 12.6.1 to 12.11.8 The Cyber Centre encourages users and administrat
Serial number: AV26-275 Date: March 24, 2026 Updated: April 2, 2026 On March 24, 2026, Apple published security updates to address vulnerabilities in the following products: iOS – versions prior to 18.7.7 and versions prior to 26.4 iPadOS – versions prior to 18.7.7 and versions prior to 26.4 macOS Seq
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors
View CSAF Summary Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can be exploited to carry out remote code execution (RCE) attack on the product. Please refer to the Recommended Immediate Actions
View CSAF Summary Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 -
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. The following versions of Yokogawa CENTUM VP are affected: CENTUM VP >=R5.01.00| CENTUM VP >=R6.01.00| CENTUM VP vR7.01.00 (CVE-2025-7741) CVSS Vendor Equipment V
Serial number: AV26-306 Date: April 1, 2026 Updated: April 1, 2026 On March 31, 2026, Google published a security advisory to address vulnerabilities in the following product: Stable Channel Chrome for Desktop – versions prior to 146.0.7680.177/178 (Windows/Mac) and 146.0.7680.177 (Linux) Google is aw
Serial number: AV26-308 Date: April 1, 2026 On April 1, 2026, Drupal published a security advisory to address a critical vulnerability in the following product: SAML SSO - Service Provider – versions prior to 3.1.4 The Cyber Centre encourages users and administrators to review the provided web link
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Google Dawn Use-After-Free Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to
Multiple vulnerabilities have been discovered in Microsoft products. They allow an attacker to cause a security issue not specified by the vendor.
View CSAF Summary Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. The following versions of Anritsu Remote Spectrum Monitor are affected: Remote Spectrum Monitor MS271
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker with access to the MAVLink interface to execute arbitrary shell commands without cryptographic authentication. The following versions of PX4 Autopilot are affected: Autopilot v1.16.0_SITL_latest_stable (CVE-2026-
Multiple vulnerabilities have been discovered in Papercut. They allow an attacker to cause a breach of data confidentiality and indirect remote code injection (XSS).
Multiple vulnerabilities have been discovered in FoxIT products. Some of them allow an attacker to cause arbitrary code execution, privilege escalation and a breach of data confidentiality.
A vulnerability has been discovered in Symantec Data Loss Prevention (DLP). It allows an attacker to cause privilege escalation.
A vulnerability has been discovered in Elastic OpenTelemetry Java. It allows an attacker to cause remote arbitrary code execution.
Multiple vulnerabilities have been discovered in Microsoft products. They allow an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in Microsoft Edge. They allow an attacker to cause a security issue not specified by the vendor.
On 15 October 2025, F5 published a security advisory concerning, among others, the vulnerability CVE-2025-53521. It affects BIG-IP APM and allows an unauthenticated attacker to execute code remotely. On 29 March 2026, the vendor indicated that this vulnerability is being actively exploited. Le...
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3055 Citrix NetScaler Out-of-Bounds Read Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant
This CERT-FR news bulletin reviews the significant vulnerabilities of the past week to highlight their criticality. It does not replace the analysis of all advisories and alerts published by CERT-FR as part of a risk analysis to prioritize the application of...
A vulnerability has been discovered in Docker Desktop. It allows an attacker to cause server-side request forgery (SSRF).
Multiple vulnerabilities have been discovered in Microsoft products. They allow an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in Microsoft Edge. They allow an attacker to cause a security policy bypass and a security issue not specified by the vendor.
A vulnerability has been discovered in Roundcube. It allows an attacker to cause a security policy bypass.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-53521 F5 BIG-IP Remote Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant ri
Multiple vulnerabilities have been discovered in the SUSE Linux kernel. Some of them allow an attacker to cause arbitrary code execution, a breach of data confidentiality and a breach of data integrity.
Multiple vulnerabilities have been discovered in Zabbix. Some of them allow an attacker to cause a remote denial of service, a security policy bypass and a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in the Ubuntu Linux kernel. Some of them allow an attacker to cause arbitrary code execution, privilege escalation and a breach of data confidentiality.
A vulnerability has been discovered in Microsoft products. It allows an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities have been discovered in IBM products. Some of them allow an attacker to cause a remote denial of service, a breach of data confidentiality and a breach of data integrity.
Multiple vulnerabilities have been discovered in the Red Hat Linux kernel. Some of them allow an attacker to cause arbitrary code execution, privilege escalation and a breach of data confidentiality.
Multiple vulnerabilities have been discovered in Traefik. They allow an attacker to cause a security policy bypass.
View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outside of their authorized tenant scope via a crafted company or tenant identifier parameter. The following versions of OpenCode Systems OC Messaging and U
View CSAF Summary An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. The following versions of WAGO GmbH & Co. KG Industrial Managed Switches are affected: WAGO Firmware versions prior to V1
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. The following versions of PTC Windchill Product Lifecycle Management are affected: Windchill PDMLink 11.0_M030 (CVE-2026-4681) Windchill PDMLink 11.1_M020 (CVE-2026-4681) Windchi
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33634 Aqua Security Trivy Embedded Malicious Code Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses si
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33017 Langflow Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to t
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to send a specially crafted file, and when parsed, could result in a denial-of-service condition. The following versions of Grassroots DICOM (GDCM) are affected: Grassroots DICOM (GDCM) 3.2.2 (CVE-2026-3650) CVSS
View CSAF Summary Schneider Electric is aware of a vulnerability in its EcoStruxure Foxboro DCS Control Software on Foxboro DCS workstations and servers. Control Core Services and all runtime software, like FCPs, FDCs, and FBMs, are not affected. The EcoStruxure Foxboro DCS ([https://www.se.com/ww/e
View CSAF Summary Successful exploitation of these vulnerabilities could risk privilege escalation, which could result in remote code execution. The following versions of Schneider Electric Plant iT/Brewmaxx are affected: Plant iT/Brewmaxx 9.60_and_above (CVE-2025-49844, CVE-2025-46817, CVE-2025-468
On 17 March 2026, Microsoft updated one of its January 2026 security advisories related to a remote code execution vulnerability in Microsoft SharePoint. Specifically, Microsoft raised the CVSS score and changed the FAQ section to indicate that the vulnerability could be exploited by an unauthentica
On 23 March 2026, Citrix published a security advisory addressing multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway. These vulnerabilities may lead to sensitive information disclosure and user session mix-up under specific configurations. At the time of writing, there is no publ
On 25 February 2026, Cisco released security advisories addressing multiple high and critical severity vulnerabilities in Cisco Catalyst SD-WAN controllers and Cisco SD-WAN Manager. If exploited, these vulnerabilities could allow attackers to gain administrative access to compromised systems. It is
On 29 January 2026, Ivanti released a security advisory addressing two critical vulnerabilities in their EPMM products. An attacker could exploit those flaws to achieve unauthenticated remote code execution on the vulnerable device. One of these vulnerabilities has been exploited in a limited numbe
On December 17, 2025, Cisco released a security advisory for a critical vulnerability affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager products. It is recommended to follow Cisco's recommendations to check whether vulnerable appliances have been compromised, and to remedia
On December 3, 2025, the React Team publicly disclosed a critical security vulnerability affecting React Server Components (RSC) and related packages. The vulnerability allows for unauthenticated remote code execution (RCE) via maliciously crafted HTTP requests. It is recommended to update all affec
On October 23, 2025, Microsoft released an out-of-band update to address a critical vulnerability in Windows Server Update Service (WSUS). This vulnerability could allow a remote unauthenticated attacker to execute code on the targeted systems. A proof-of-concept is publicly available for this vulne
On October 14, 2025, Fortinet released a security advisory addressing a high severity vulnerability in its FortiOS product. It is recommended to update affected products.
On October 14, 2025, Veeam released a security advisory addressing multiple vulnerabilities including 2 critical in its Veeam Backup product. CERT-EU recommends updating affected software as soon as possible and following Veeam implementation best practices.
On October 15, 2025, F5 disclosed that a sophisticated nation-state actor breached its systems and maintained long-term persistent access into F5's infrastructure. This included access to BIG-IP product development source code and to information related to security vulnerabilities that had not yet b