France

Debian LTS Linux Kernel Vulnerabilities Affecting Confidentiality, Denial of Service, Privilege Escalation

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in the Linux kernel used in Debian LTS systems. These vulnerabilities could lead to data confidentiality breaches, denial of service, and privilege escalation. Users are advised to consult Debian's security bulletins for patch information.

Multiple vulnerabilities in Elastic products

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in various Elastic products, including Elasticsearch, Kibana, Logstash, Metricbeat, and Packetbeat. These vulnerabilities could allow remote attackers to execute arbitrary code, compromise data confidentiality, and bypass security policies.

Product Recall: Artis PL E and Artis Symbiose Intraocular Lenses

The French National Agency for the Safety of Medicines and Health Products (ANSM) has announced a product recall for Artis PL E and Artis Symbiose intraocular lenses manufactured by Cristalens Industrie. This safety action, registered under number R2606056, requires healthcare facilities to take immediate action regarding the affected lots.

Curosurf Safety Information and Lot Recall

The French drug agency ANSM, in agreement with Laboratoire Chiesi SAS, has initiated a recall of one lot (Lot 1204229, Exp 04/2026) of Curosurf 120 mg/1.5 ml suspension for endotracheobronchial instillation. This precautionary measure follows a deviation observed during environmental monitoring at the production site.

ANSM Security Alert for EdgeSuite Software and EdgeLab Module

The French National Agency for Medicines and Health Products Safety (ANSM) has issued a security alert regarding the EdgeSuite software and EdgeLab module from In Log. Affected medical analysis laboratories have been notified directly by the company.

Python Vulnerability Allows Security Policy Bypass

CERT-FR has issued an advisory regarding a vulnerability in Python (CVE-2026-3479) that allows attackers to bypass security policies. The advisory urges users to apply the latest security patches provided by the Python editor.

VMware Product Vulnerabilities Identified by CERT-FR

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in various VMware products. These vulnerabilities could allow an attacker to cause unspecified security issues. Affected users are advised to consult VMware's security bulletins for patch information.

CERT-FR Advises on Splunk Universal Forwarder Vulnerabilities

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Splunk Universal Forwarder. The advisory details affected versions and references Splunk's security bulletin for patch information. The vulnerabilities could allow an attacker to cause unspecified security issues.

CERT-FR: Multiple vulnerabilities in Roundcube software

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Roundcube webmail software. The vulnerabilities could lead to data confidentiality breaches, server-side request forgery (SSRF), and remote code injection (XSS). Users are advised to consult the editor's security bulletin for patch information.

Mitel Products Vulnerability - XSS

CERT-FR has issued an advisory regarding a remote code injection (XSS) vulnerability affecting various Mitel product versions. Affected systems include specific versions of MCX and MiContact Center Business. Users are advised to consult Mitel's security bulletin for patch information.