Data Privacy & Cybersecurity

Google Chrome Vulnerability Advisory

CERT-FR has issued an advisory regarding a vulnerability in Google Chrome, affecting versions prior to 146.0.7680.80. The vulnerability (CVE-2026-3909) is reportedly being actively exploited, and users are advised to update their software.

Multiple vulnerabilities found in Microsoft products

CERT-FR has issued a notice regarding multiple vulnerabilities discovered in various Microsoft products. The advisory lists affected systems and directs users to Microsoft's security bulletins for patches.

FedRAMP Updates: Marketplace, RFC Outcomes, RSS Feed

FedRAMP has updated its Marketplace with a new URL and user experience, and introduced an RSS feed for its Changelog. Several public notices were published detailing the outcomes of various RFCs concerning program certifications, external frameworks, and authorization designations.

Microsoft Edge Android Vulnerability Allows Display of False Information

CERT-Bund has issued a security advisory for a vulnerability in Microsoft Edge for Android, allowing remote attackers to display false information. The advisory details affected versions and provides mitigation information.

Angular XSS Vulnerability Advisory

CERT-Bund has issued a security advisory for Angular, detailing a Cross-Site Scripting (XSS) vulnerability with a CVSS score of 8.0. The advisory affects specific versions of open-source Angular and provides mitigation information.

OpenClaw Vulnerabilities Allow Code Execution and Privilege Escalation

CERT-Bund has issued a security advisory (WID-SEC-2026-0727) regarding critical vulnerabilities in OpenClaw, a personal AI assistant. The vulnerabilities, with a CVSS Base Score of 9.9, allow for code execution, privilege escalation, data manipulation, and denial-of-service attacks.

NetX Vulnerability Allows Unspecified Attack

CERT-Bund has issued a security advisory (WID-SEC-2026-0731) regarding a vulnerability in NetX, a digital inventory management system. The vulnerability, with a CVSS base score of 6.5, allows for an unspecified remote attack and affects Linux, UNIX, and Windows operating systems.

OpenBSD Vulnerability Allows Attack and Denial of Service

CERT-Bund has issued a security advisory (WID-SEC-2026-0730) regarding a vulnerability in OpenBSD versions prior to 7.8. The vulnerability could allow an attacker to perform unspecified attacks and potentially cause a denial of service. The advisory includes a CVSS base score of 7.5.

OpenSSL Vulnerability Allows Bypassing Security Measures

CERT-Bund has issued a security advisory for OpenSSL versions prior to 3.6.2 and 3.5.6. A remote, authenticated attacker can exploit a vulnerability to bypass security measures. Mitigation is available.

PCPD Alerts on OpenClaw and Agentic AI Privacy Risks

The Hong Kong Office of the Privacy Commissioner for Personal Data (PCPD) has issued an alert regarding the privacy and security risks associated with agentic AI, specifically mentioning OpenClaw. The PCPD reminds organizations and the public to implement adequate security measures when using such AI tools to prevent data breaches and cybersecurity threats.