CERT-Bund Security Advisories

NetX Vulnerability Allows Unspecified Attack

CERT-Bund has issued a security advisory (WID-SEC-2026-0731) regarding a vulnerability in NetX, a digital inventory management system. The vulnerability, with a CVSS base score of 6.5, allows for an unspecified remote attack and affects Linux, UNIX, and Windows operating systems.

Microsoft Edge Android Vulnerability Allows Display of False Information

CERT-Bund has issued a security advisory for a vulnerability in Microsoft Edge for Android, allowing remote attackers to display false information. The advisory details affected versions and provides mitigation information.

FreeRDP Vulnerabilities - Remote Code Execution

CERT-Bund has issued an advisory for multiple vulnerabilities in FreeRDP, a Remote Desktop Protocol implementation. The vulnerabilities have a CVSS base score of 8.8 and allow for remote code execution, denial-of-service, and information disclosure.

CPython Vulnerabilities Allow Remote Code Execution

The German Federal Office for Information Security (BSI) has issued a security advisory regarding multiple vulnerabilities in CPython, with a CVSS base score of 7.7. These vulnerabilities allow remote attackers to manipulate files or execute arbitrary code on affected systems.

Vim Vulnerability Allows Code Execution (CVSS 6.6)

The German National Cybersecurity Agency (BSI) has issued a security advisory for a vulnerability in the Vim text editor. The vulnerability, with a CVSS score of 6.6, allows local attackers to execute arbitrary code. Mitigation is available.

Mozilla Firefox, Thunderbird Vulnerabilities (CVSS 8.8)

CERT-Bund has issued an advisory regarding multiple vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird, with a CVSS Base Score of 8.8. The advisory has been updated multiple times to include specific product versions and affected operating systems.

Microsoft ASP.NET/.NET Vulnerabilities Advisory

This advisory updates information on multiple vulnerabilities in Microsoft ASP.NET and .NET, with a CVSS Base Score of 7.8. The update includes affected products on Ubuntu, Oracle, and Red Hat Linux, in addition to previously listed Microsoft ASP.NET Core and .NET versions.