Germany

Linux Kernel Vulnerabilities Allow Security Bypass

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in the Linux Kernel, identified as WID-SEC-2026-0754. These vulnerabilities allow attackers to bypass security measures, with a CVSS Base Score of 6.5. Several versions of the Open Source Linux Kernel are affected.

IBM SPSS Multiple Vulnerabilities Advisory

CERT-Bund has issued a security advisory for IBM SPSS, detailing multiple vulnerabilities with a CVSS score of 8.2. These vulnerabilities allow for remote attacks, including cross-site scripting and denial of service. Affected systems include Linux, UNIX, and Windows.

KeePassXC Vulnerability Allows Privilege Escalation

CERT-Bund has issued a security advisory for KeePassXC, detailing a vulnerability that allows local attackers to escalate privileges. The advisory affects versions prior to 2.7.12 on Linux, UNIX, and Windows systems.

GIMP Vulnerabilities Allow Remote Code Execution

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in GIMP, a popular open-source image editing software. These vulnerabilities, with a CVSS Base Score of 7.8, could allow remote attackers to execute arbitrary code on affected systems running Linux, UNIX, or Windows.

Varnish HTTP Cache Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory (WID-SEC-2026-0749) regarding a vulnerability in Varnish HTTP Cache versions prior to 8.0.1, 9.0, 6.0.17, and 6.0.16r12. The vulnerability allows remote attackers to bypass security measures, with a CVSS base score of 6.5.

BaFin Warns Commercehelden GmbH for Prospectus Violation

BaFin has issued a warning regarding Commercehelden GmbH and Marketplace24-7 GmbH for offering capital investments in Germany without a published prospectus. This action highlights potential violations of the German Capital Investment Act and underscores the requirement for prospectus approval.

BaFin: Marketplace24-7 GmbH Offering Investments Without Prospectus

BaFin has evidence that Marketplace24-7 GmbH and Commercehelden GmbH are offering capital investments in Germany without a published prospectus, violating German law. Investors are warned about this offering, and BaFin requests information from potential whistleblowers.

BaFin General Administrative Act on Cross-Border Insurance Activities

The German Federal Financial Supervisory Authority (BaFin) has issued a General Administrative Act to regulate the conduct and run-off of cross-border insurance activities. This act provides specific criteria and outlines discretionary powers for BaFin in overseeing these operations.

BaFin Decreases Domestic Countercyclical Capital Buffer Rate

BaFin has reduced the domestic countercyclical capital buffer rate to 0% effective April 1, 2020. This administrative act applies to institutions as defined by the Banking Act and related financial holding groups. No increase is anticipated before January 1, 2021.

BaFin General Administrative Act on Contracts for Differences (CFDs)

BaFin has issued a general administrative act regarding contracts for differences (CFDs) under EU regulation MiFIR. This act clarifies and potentially restricts the marketing, distribution, and sale of CFDs to retail clients, building upon previous BaFin and ESMA decisions.