Germany

Budibase Vulnerability Allows Bypass and Information Disclosure

CERT-Bund has issued a security advisory (WID-SEC-2026-0776) regarding a vulnerability in Budibase, an open-source low-code platform. The vulnerability allows remote, authenticated attackers to bypass security mechanisms and disclose information. Affected versions include Budibase <=3.30.6.

IBM App Connect Enterprise Multiple Vulnerabilities

CERT-Bund has issued a security advisory for IBM App Connect Enterprise, detailing multiple critical vulnerabilities with a CVSS score of 9.3. These vulnerabilities could allow remote attackers to cause denial-of-service or enable cross-site scripting attacks.

Red Hat Enterprise Linux and OpenShift Vulnerabilities Disclosed

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Red Hat Enterprise Linux (RHEL) and Red Hat OpenShift. The vulnerabilities have a CVSS Base Score of 7.3 and could allow for arbitrary code execution, denial of service, file manipulation, and information disclosure.

CERT-Bund: MongoDB Vulnerabilities Disclosed, Remote Attack Possible

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in MongoDB, versions prior to 8.3.0-rc0, 8.0.20, 7.0.31, and 8.2.6. These vulnerabilities allow for remote attacks, including information disclosure and arbitrary code execution. The advisory highlights a high CVSS Base Score of 8.8.

Atlassian Jira Multiple Vulnerabilities

CERT-Bund has issued a security advisory for Atlassian Jira, detailing multiple vulnerabilities with a CVSS base score of 7.2. The advisory affects Data Center and Server versions prior to specific releases. Users are advised to implement mitigations.

Atlassian Confluence Vulnerability Allows Code Execution

CERT-Bund has issued a security advisory for Atlassian Confluence, detailing a vulnerability that allows remote code execution. Affected versions include Confluence Data Center and Server prior to specific releases. Mitigation is available.

Keycloak Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory regarding a vulnerability in Keycloak that allows for information disclosure. The vulnerability affects Keycloak versions running on Linux and UNIX operating systems. Users are advised to consult the advisory for mitigation details.

ConnectWise ScreenConnect Privilege Escalation Vulnerability

CERT-Bund has issued a security advisory (WID-SEC-2026-0763) regarding a critical vulnerability in ConnectWise ScreenConnect versions prior to 26.1. The flaw allows remote attackers to bypass security measures and potentially escalate privileges on affected systems running Linux, UNIX, or Windows.

Red Hat JBoss Platform Denial of Service Vulnerability

CERT-Bund has issued a security advisory for Red Hat JBoss Enterprise Application Platform, detailing a vulnerability that allows remote attackers to cause a Denial of Service. The advisory provides information on affected versions and mitigation strategies.

Grafana Tempo Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory for Grafana Tempo, detailing a vulnerability (CVSS 7.5) that allows remote attackers to disclose information. Affected versions are prior to 2.10.3, impacting Linux and UNIX systems.