Recent changes
BaFin Increases Domestic Countercyclical Capital Buffer Rate
The German Federal Financial Supervisory Authority (BaFin) has increased the domestic countercyclical capital buffer rate to 0.25% of the total risk exposure amount, effective July 1, 2019. This rate will be used for institution-specific buffer calculations starting July 1, 2020.
BaFin Consultation on General Administrative Act for Futures
Germany's BaFin has opened a consultation on a planned General Administrative Act concerning futures with additional payment obligations. The act aims to address investor protection concerns, particularly the risk of unlimited losses and complex speculative practices.
BaFin Orders 2% Capital Buffer for Systemic Risks in Residential Real Estate Financing
BaFin has ordered a 2% capital buffer for systemic risks on residential real estate financing, effective April 1, 2022. This buffer will be calculated based on Common Equity Tier 1 capital and applies to exposures secured by residential property in Germany. The rate will be used for calculation starting February 1, 2023.
Langflow Vulnerabilities Allow Code Execution and Security Bypass
CERT-Bund has issued a security advisory (WID-SEC-2026-0747) regarding critical vulnerabilities in Langflow versions <=1.8.1 and <1.7.2. These flaws allow remote code execution and security bypass, with a CVSS base score of 10.0. Mitigation is available.
Octopus Deploy Vulnerability Allows Remote File Manipulation
CERT-Bund has issued a security advisory for Octopus Deploy, detailing a vulnerability that allows remote authenticated attackers to manipulate files. The advisory affects specific versions of Octopus Deploy running on Linux and Windows and provides mitigation information.
NetBox Cross-Site Scripting Vulnerability Advisory
CERT-Bund has issued a security advisory for NetBox, detailing a vulnerability that allows for Cross-Site Scripting attacks. The advisory affects NetBox version 4.3.5 and provides information on mitigation strategies.
Gitea Vulnerabilities Allow Bypass, Data Manipulation, Disclosure
CERT-Bund has issued a security advisory for Gitea, detailing multiple vulnerabilities with a CVSS base score of 7.3. These vulnerabilities can allow attackers to bypass security measures, manipulate data, and disclose confidential information. Users are advised to update to Gitea version 1.25.5 or later.
Kubernetes Vulnerability Allows Remote File Manipulation
CERT-Bund has issued a security advisory (WID-SEC-2026-0738) regarding a vulnerability in Kubernetes that allows remote authenticated attackers to manipulate files. The vulnerability affects the Open Source Kubernetes CSI Driver for NFS versions prior to 4.13.1 and has a CVSS Base Score of 6.5.
libexif Vulnerability Allows Code Execution and Denial-of-Service
CERT-Bund has issued a security advisory regarding a vulnerability in the libexif library (versions <=0.6.25). The vulnerability allows local attackers to execute arbitrary code, cause a denial-of-service, or disclose confidential information. Mitigation is available.
FFmpeg Vulnerability Allows Denial of Service and Information Disclosure
CERT-Bund has issued a security advisory (WID-SEC-2026-0740) regarding a vulnerability in the FFmpeg RV60 video decoder. The vulnerability allows remote attackers to cause a Denial of Service or disclose information. Affected versions include Open Source ffmpeg <8.1, 8.0, and 8.0.1.
Last 7 days
Most active sources
Browse Categories
Activity
Get daily alerts
Morning digest delivered to your inbox. Free.
Free. Unsubscribe anytime.
Get Germany alerts
Daily digest of regulatory changes. AI-summarized, no noise.
Free. Unsubscribe anytime.