Dell Secure Connect Gateway Vulnerability Allows Code Execution
CERT-Bund has issued a security advisory for Dell Secure Connect Gateway, identifying a vulnerability that allows remote code execution. The vulnerability affects versions prior to 5.34.00.00 on Windows systems. Users are advised to apply available mitigations.
CERT-Bund Security Advisory WID-SEC-2026-0733
CERT-Bund has issued security advisory WID-SEC-2026-0733, detailing a new vulnerability. This advisory provides technical details and recommendations for affected parties to mitigate potential security risks.
GNU InetUtils Multiple Vulnerabilities (CVSS 9.8)
CERT-Bund has issued a security advisory (WID-SEC-2026-0734) regarding critical vulnerabilities in GNU InetUtils versions up to 2.7. These vulnerabilities, rated CVSS 9.8, allow for remote code execution and information disclosure on Linux and UNIX systems. Users are advised to update their systems.
CISA Adds Wing FTP Server Vulnerability to KEV Catalog
CISA has added CVE-2025-47813, a Wing FTP Server information disclosure vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog. The addition is based on evidence of active exploitation; the vulnerability poses significant risks to federal agencies.
Colorado AG Joins Lawsuit Challenging HUD Funding Cuts for Fair Housing Enforcement
Colorado Attorney General Phil Weiser joined a coalition of state attorneys general in filing a lawsuit against the U.S. Department of Housing and Urban Development (HUD). The lawsuit challenges HUD's threats to withhold funding from state and local fair housing enforcement agencies for adhering to state laws, and HUD's imposition of illegal conditions on HUD funding.
Colorado AG Sues OneMain Financial for Deceptive Lending
Colorado has joined a multistate lawsuit against OneMain Financial, alleging deceptive lending practices and hidden fees that inflated borrowers' costs. The lawsuit seeks restitution for consumers, civil penalties, and injunctive relief to stop the alleged unlawful practices.
Dutch DPA Urges Accelerated AI Regulation and Supervision
The Dutch Data Protection Authority (AP) is urging the government to accelerate AI regulation and supervision, citing increasing risks and a deteriorating AI Impact Barometer. The AP warns that current enforcement capabilities are insufficient to address unsafe and discriminatory algorithms.
EDPB, EDPS Joint Opinion on European Biotech Act
The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have issued a joint opinion on the proposed European Biotech Act. They support harmonizing clinical trials but call for specific safeguards for sensitive health data.
CNIL Consultation on Session Replay Draft Recommendation
The CNIL has launched a public consultation on its draft recommendation for session replay tools. The recommendation aims to guide tool developers and website operators on compliance with data protection rules, particularly concerning user behavior monitoring. The consultation period closes on April 22, 2026.
EDPB, EDPS Joint Opinion on Digital Framework Simplification
The EDPB and EDPS have issued a joint opinion supporting simplification and competitiveness within the digital framework. The opinion addresses EU legislative proposals related to data privacy, artificial intelligence, and e-Privacy.
Google Chrome Vulnerability Advisory
CERT-FR has issued an advisory regarding a vulnerability in Google Chrome, affecting versions prior to 146.0.7680.80. The vulnerability (CVE-2026-3909) is reportedly being actively exploited, and users are advised to update their software.
OpenSSL Vulnerability Advisory
CERT-FR has issued an advisory regarding a vulnerability discovered in specific versions of OpenSSL. The advisory, dated March 16, 2026, references CVE-2026-2673 and urges users to consult the OpenSSL security bulletin for patch information.
Microsoft Edge Multiple Vulnerabilities Disclosed
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Microsoft Edge. One vulnerability, CVE-2026-3910, is reported to be actively exploited. Users are advised to update their software to the latest versions.
Multiple Vulnerabilities Found in Microsoft Products
CERT-FR has issued a notice regarding multiple vulnerabilities discovered in various Microsoft products. The advisory lists affected systems and directs users to Microsoft's security bulletins for patches.
FedRAMP Updates: Marketplace, RFC Outcomes, RSS Feed
FedRAMP has updated its Marketplace with a new URL and user experience, and introduced an RSS feed for its Changelog. Several public notices were published detailing the outcomes of various RFCs concerning program certifications, external frameworks, and authorization designations.
OpenClaw Vulnerabilities Allow Code Execution and Privilege Escalation
CERT-Bund has issued a security advisory (WID-SEC-2026-0727) regarding critical vulnerabilities in OpenClaw, a personal AI assistant. The vulnerabilities, with a CVSS Base Score of 9.9, allow for code execution, privilege escalation, data manipulation, and denial-of-service attacks.
NetX Vulnerability Allows Unspecified Attack
CERT-Bund has issued a security advisory (WID-SEC-2026-0731) regarding a vulnerability in NetX, a digital inventory management system. The vulnerability, with a CVSS base score of 6.5, allows for an unspecified remote attack and affects Linux, UNIX, and Windows operating systems.
Angular XSS Vulnerability Advisory
CERT-Bund has issued a security advisory for Angular, detailing a Cross-Site Scripting (XSS) vulnerability with a CVSS score of 8.0. The advisory covers specific versions of open-source Angular and provides mitigation information.
OpenSSL Vulnerability Allows Bypassing Security Measures
CERT-Bund has issued a security advisory for OpenSSL versions prior to 3.6.2 and 3.5.6. A remote, authenticated attacker can exploit a vulnerability to bypass security measures. Mitigation is available.
Microsoft Edge Android Vulnerability Allows Display of False Information
CERT-Bund has issued a security advisory for a vulnerability in Microsoft Edge for Android, allowing remote attackers to display false information. The advisory details affected versions and provides mitigation information.
OpenBSD Vulnerability Allows Attack and Denial of Service
CERT-Bund has issued a security advisory (WID-SEC-2026-0730) regarding a vulnerability in OpenBSD versions prior to 7.8. The vulnerability could allow an attacker to perform unspecified attacks and potentially cause a denial of service. The advisory includes a CVSS base score of 7.5.
PCPD Alerts on OpenClaw and Agentic AI Privacy Risks
The Hong Kong Office of the Privacy Commissioner for Personal Data (PCPD) has issued an alert regarding the privacy and security risks associated with agentic AI, specifically mentioning OpenClaw. The PCPD reminds organizations and the public to implement adequate security measures when using such AI tools to prevent data breaches and cybersecurity threats.