Cybersecurity

Dell Secure Connect Gateway Vulnerability Allows Code Execution

CERT-Bund has issued a security advisory for Dell Secure Connect Gateway, identifying a vulnerability that allows remote code execution. The advisory affects versions prior to 5.34.00.00 on Windows systems. Users are advised to apply available mitigations.

CISA Adds Wing FTP Server Vulnerability to KEV Catalog

CISA has added CVE-2025-47813, a Wing FTP Server information disclosure vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition is based on evidence of active exploitation and poses significant risks to federal agencies.

Google Chrome Vulnerability Advisory

CERT-FR has issued an advisory regarding a vulnerability in Google Chrome, affecting versions prior to 146.0.7680.80. The vulnerability (CVE-2026-3909) is reportedly being actively exploited, and users are advised to update their software.

Multiple vulnerabilities found in Microsoft products

CERT-FR has issued a notice regarding multiple vulnerabilities discovered in various Microsoft products. The advisory lists affected systems and directs users to Microsoft's security bulletins for patches.

Microsoft Edge Multiple Vulnerabilities Disclosed

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Microsoft Edge. One vulnerability, CVE-2026-3910, is reported to be actively exploited. Users are advised to update their software to the latest versions.

OpenSSL Vulnerability Advisory

CERT-FR has issued an advisory regarding a vulnerability discovered in specific versions of OpenSSL. The advisory, dated March 16, 2026, references CVE-2026-2673 and urges users to consult the OpenSSL security bulletin for patch information.

FedRAMP Updates: Marketplace, RFC Outcomes, RSS Feed

FedRAMP has updated its Marketplace with a new URL and user experience, and introduced an RSS feed for its Changelog. Several public notices were published detailing the outcomes of various RFCs concerning program certifications, external frameworks, and authorization designations.

OpenSSL Vulnerability Allows Bypassing Security Measures

CERT-Bund has issued a security advisory for OpenSSL versions prior to 3.6.2 and 3.5.6. A remote, authenticated attacker can exploit a vulnerability to bypass security measures. Mitigation is available.

OpenClaw Vulnerabilities Allow Code Execution and Privilege Escalation

CERT-Bund has issued a security advisory (WID-SEC-2026-0727) regarding critical vulnerabilities in OpenClaw, a personal AI assistant. The vulnerabilities, with a CVSS Base Score of 9.9, allow for code execution, privilege escalation, data manipulation, and denial-of-service attacks.

Angular XSS Vulnerability Advisory

CERT-Bund has issued a security advisory for Angular, detailing a Cross-Site Scripting (XSS) vulnerability with a CVSS score of 8.0. The advisory affects specific versions of open-source Angular and provides mitigation information.