CVE-2026-3055 Citrix NetScaler Out-of-Bounds Read Added to KEV Catalog
CISA added CVE-2026-3055, a Citrix NetScaler out-of-bounds read vulnerability, to the Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. Federal Civilian Executive Branch agencies must remediate this vulnerability per Binding Operational Directive 22-01 requirements. CISA strongly urges all organizations to prioritize timely remediation as part of their vulnerability management practice.
Multiple Microsoft Product Vulnerabilities Advisory
CERT-FR issued an advisory aggregating 44+ Microsoft security vulnerabilities (CVEs) disclosed between March 19-26, 2026. The vulnerabilities affect various Microsoft products, with severity ranging from important to critical. French organizations using Microsoft software are advised to review and apply the referenced security patches.
Docker Desktop SSRF vulnerability, versions before 4.67.0
Multiple Microsoft Edge vulnerabilities, 5 CVEs, security advisory
Roundcube Vulnerability Allows Security Policy Bypass
CERT-FR issued an advisory warning of a security policy bypass vulnerability in Roundcube Webmail affecting versions 1.5.x prior to 1.5.15, 1.6.x prior to 1.6.15, and 1.7.x prior to 1.7-rc6. The vulnerability, disclosed by Roundcube on March 29, 2026, allows attackers to bypass security policies. Organizations running affected versions should update immediately.
Intesa Sanpaolo fined €31.8M for unauthorized access to 3,500+ clients' banking data
The Italian Data Protection Authority (Garante Privacy) imposed a €31.8 million fine on Intesa Sanpaolo S.p.A. for serious data security deficiencies. The bank failed to implement adequate technical and organizational measures to protect personal data, resulting in unauthorized access to banking information of over 3,500 clients for more than two years.
Grafana Multiple Vulnerabilities Remote Code Execution Risk
CERT-Bund issued security advisory WID-SEC-2026-0899 warning of critical vulnerabilities (CVSS Base Score 9.1) in Grafana. Remote attackers can exploit these flaws to execute code, conduct denial of service attacks, or disclose information. Affected versions include Grafana releases prior to 12.4.0, 12.3.0, 12.2.0, and 12.0.0, on Linux, UNIX, Windows, and other platforms.
Langflow Multiple Security Vulnerabilities - CVSS 8.8
CERT-Bund issued a security advisory warning of multiple high-severity vulnerabilities in Langflow, an open-source visual interface for building LLM-based applications. The vulnerabilities carry a CVSS Base Score of 8.8 and a CVSS Temporal Score of 8.1, enabling remote attackers to conduct information disclosure, data manipulation, and cross-site scripting attacks. No mitigation is currently available.
Wazuh Multiple Vulnerabilities - Remote Code Execution and DoS
CERT-Bund issued security advisory WID-SEC-2026-0908 warning of multiple vulnerabilities in the Wazuh security monitoring platform (CVSS 6.7, medium severity). The vulnerabilities allow remote attackers to execute arbitrary code, perform denial of service attacks, manipulate data, and disclose confidential information. Affected versions include Wazuh prior to 4.13.0, 4.3.11, and 4.14.0, and Wazuh Manager/Agent prior to 4.8.0.
Red Hat Undertow Multiple Security Vulnerabilities
CERT-Bund issued security advisory WID-SEC-2026-0907 warning of multiple vulnerabilities in the Red Hat Undertow web server, with a CVSS Base Score of 8.7 (high) and a Temporal Score of 8.0. Remote, anonymous attackers can exploit these flaws to bypass security measures, manipulate data, and disclose confidential information. Organizations running affected versions of Undertow should apply mitigations or patches.
Edge Vulnerability Allows File Manipulation, Information Disclosure
CERT-Bund issued a security advisory about a vulnerability in Microsoft Edge (versions prior to 146.0.3856.84) with a CVSS Base Score of 4.2 (medium). The vulnerability allows remote anonymous attackers to manipulate files and disclose confidential information. Users are advised to update to the patched version.
Vim Remote Code Execution Vulnerability - CVSS 8.2
CERT-Bund issued security advisory WID-SEC-2026-0904 warning of a high-severity vulnerability (CVSS 8.2) in the Vim text editor, versions prior to 9.2.0172. The vulnerability allows remote code execution by an unauthenticated attacker. Organizations running Vim on Linux, UNIX, Windows, or other platforms should update immediately to the patched version.
Fleet Open-Source Platform Critical SQL Injection and DoS Vulnerabilities
CERT-Bund issued critical security advisory WID-SEC-2026-0902 alerting to severe vulnerabilities in the Fleet open-source device management platform, versions prior to 4.81.1. The vulnerabilities include SQL injection, denial of service, security bypass, information disclosure, and remote code execution with admin privileges, and carry a CVSS Base Score of 9.8 (critical). Organizations running Fleet on Linux or UNIX systems should immediately update to version 4.81.1 or later.
Linux Kernel Denial of Service Vulnerabilities
CERT-Bund issued a security advisory identifying multiple vulnerabilities in the Linux Kernel that allow remote attackers to conduct Denial of Service attacks. The vulnerabilities have a CVSS Base Score of 5.3 (medium) and a Temporal Score of 4.6 (medium). Organizations running Linux systems should apply available mitigations.
FRRouting Vulnerability Allows Remote Data Manipulation
CERT-Bund issued a security advisory disclosing a medium-severity vulnerability (CVSS 4.2) in FRRouting (FRRouting Project), versions up to and including 10.5.1. A remote, authenticated attacker can exploit this flaw to manipulate data on affected systems. Mitigations are available; organizations using FRRouting on Linux or UNIX platforms are advised to apply them promptly.
WebKitGTK Multiple Vulnerabilities Security Advisory
CERT-Bund issued security advisory WID-SEC-2026-0911 identifying multiple vulnerabilities in WebKitGTK (versions before 2.52.1). The vulnerabilities have a CVSS Base Score of 6.5 (medium) and enable denial of service attacks, security feature bypass, information disclosure, and cross-site scripting attacks. Remote exploitation is possible. Mitigation is available via version update.
Tinyproxy vulnerability enables Denial of Service attack
Foreman RCE vulnerability, CVSS 8.0, fixes available
Aqua Security Trivy Critical Vulnerability (CVSS 9.9)
CERT-Bund issued a critical security advisory (WID-SEC-2026-0898) for a vulnerability in Aqua Security Trivy, an open-source vulnerability scanner for container images, filesystems, and Git repositories. The vulnerability carries a CVSS Base Score of 9.9 (critical) and allows remote attackers to completely compromise affected systems. Multiple product versions are affected, including Trivy 0.69.4, setup-trivy <0.2.6, trivy-action <0.35.0, and Container Images 0.69.5 and 0.69.6. Mitigation measures are available.
Red Hat FUSE libfuse vulnerabilities enable code execution
CERT-Bund issued a security advisory warning of multiple vulnerabilities in Red Hat FUSE (libfuse) versions prior to 3.18.2. The vulnerabilities have a CVSS Base Score of 7.8 (high) and could allow local attackers to execute arbitrary code or cause denial of service. Organizations using affected versions should update immediately.
Critical RCE vulnerability in F5 BIG-IP APM, active exploitation
The NCSC issued an urgent advisory regarding CVE-2025-53521, a critical unauthenticated remote code execution vulnerability in F5 BIG-IP Access Policy Manager that is being actively exploited. All UK organisations using BIG-IP APM are urged to take immediate mitigation action including isolation, investigation for compromise, and patching to the latest version.