Germany

Dell Remote Access Controller Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Dell Remote Access Controller (iDRAC) versions. The vulnerabilities could allow attackers to execute arbitrary code or disclose sensitive information. Mitigation is available.

Apple iOS, iPadOS, macOS Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory for a vulnerability in Apple iOS, iPadOS, and macOS that allows security bypass. The advisory details affected versions and provides mitigation information. The vulnerability has a high CVSS base score.

Canonical Snap Vulnerability Allows Administrator Rights Escalation

CERT-Bund has issued a security advisory (WID-SEC-2026-0758) regarding a vulnerability in Canonical Snap that allows for administrator rights escalation on Linux systems. The advisory details affected versions of Ubuntu Linux snapd and provides mitigation information.

Atlassian Confluence Vulnerability Allows Code Execution

CERT-Bund has issued a security advisory for Atlassian Confluence, detailing a vulnerability that allows remote code execution. Affected versions include Confluence Data Center and Server prior to specific releases. Mitigation is available.

IBM Planning Analytics Vulnerabilities Allow DoS, Info Disclosure

CERT-Bund has issued a security advisory for IBM Planning Analytics, detailing multiple vulnerabilities. These flaws, with a CVSS base score of 7.5, can be exploited for denial of service, information disclosure, and bypass of security measures. The advisory applies to versions prior to 2.1.18.

Keycloak Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory regarding a vulnerability in Keycloak that allows for information disclosure. The vulnerability affects Keycloak versions running on Linux and UNIX operating systems. Users are advised to consult the advisory for mitigation details.

BaFin Imposes Administrative Fine on aap Implantate AG

BaFin has imposed an administrative fine of 158,000 euros on aap Implantate AG for failing to publish a required announcement regarding the availability of its 2024 half-yearly financial report. This action highlights the importance of timely and proper disclosure of financial information under German securities law.

TYPO3 Extensions Multiple Vulnerabilities

CERT-Bund has issued a security advisory for multiple vulnerabilities in TYPO3 Extensions, including Mailqueue and Redirect Tab. The vulnerabilities have a CVSS base score of 7.5 and can allow for remote code execution or information disclosure.

Red Hat Linux Vulnerability Allows Privilege Escalation and Info Disclosure

CERT-Bund has issued a security advisory (WID-SEC-2026-0756) regarding a vulnerability in Red Hat Enterprise Linux versions prior to 10 and version 9. The vulnerability allows local attackers to escalate privileges and disclose information. The CVSS score is 6.8.

Apache Airflow Multiple Vulnerabilities Advisory

CERT-Bund has issued a security advisory for Apache Airflow, detailing multiple vulnerabilities with a CVSS score of 8.6. The advisory affects versions prior to 3.1.8 and impacts Linux and UNIX operating systems. Exploitation could lead to security bypass and information disclosure.