CERT-FR Security Advisories

CERT-FR: Multiple vulnerabilities in Mattermost Server

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Mattermost Server. These vulnerabilities could allow an attacker to bypass security policies. Users are advised to consult Mattermost's security bulletins for patch information.

Multiple Vulnerabilities in Kaspersky Products Identified

CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in various Kaspersky product versions. These vulnerabilities could allow an attacker to cause unspecified security issues. Users are advised to consult Kaspersky's security bulletin for patch information.

Multiple Python Vulnerabilities Affect CPython Systems

CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Python, specifically affecting CPython systems without the latest security patches. These vulnerabilities could lead to security policy bypass. Users are advised to consult the editor's security bulletins for available patches.

Microsoft Edge Vulnerability CVE-2026-3909

CERT-FR has issued a security advisory regarding a vulnerability in Microsoft Edge, identified as CVE-2026-3909. The advisory notes that this vulnerability is actively being exploited and affects versions prior to 146.0.3856.62.

CERT-FR: Multiple Xen Vulnerabilities Disclosed

CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Xen versions 4.17.x and 4.18.x. These vulnerabilities could lead to data breaches, remote denial of service, and privilege escalation. Users are advised to apply security patches provided by Xen.

CERT-FR: Multiple Spring AI Vulnerabilities, SQL Injection Risks

CERT-FR has issued an advisory regarding multiple vulnerabilities in Spring AI, versions 1.0.x prior to 1.0.4 and 1.1.x prior to 1.1.3. These vulnerabilities allow for SQL injection and security policy bypass. Users are advised to consult the vendor's security bulletins for patch information.

CERT-FR: Multiple Redmine Vulnerabilities Identified

CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Redmine software. The vulnerabilities include Cross-Site Scripting (XSS) and security policy bypass, affecting specific versions of Redmine. Users are advised to consult the Redmine security advisories for patch information.

Microsoft Products Vulnerability CVE-2026-32249 Discovered

CERT-FR has issued a notice regarding a vulnerability (CVE-2026-32249) discovered in Microsoft products. The advisory details affected systems and directs users to Microsoft's security bulletin for patches.

OpenSSL Vulnerability Advisory

CERT-FR has issued an advisory regarding a vulnerability discovered in specific versions of OpenSSL. The advisory, dated March 16, 2026, references CVE-2026-2673 and urges users to consult the OpenSSL security bulletin for patch information.

Google Chrome Vulnerability Advisory

CERT-FR has issued an advisory regarding a vulnerability in Google Chrome, affecting versions prior to 146.0.7680.80. The vulnerability (CVE-2026-3909) is reportedly being actively exploited, and users are advised to update their software.