Cybersecurity

IBM Maximo Asset Management DoS Vulnerability - CVSS 5.3

CERT-Bund published security advisory WID-SEC-2026-0965 disclosing a Denial of Service vulnerability in IBM Maximo Asset Management versions prior to 7.6.1.3 IF037. The vulnerability carries a CVSS Base Score of 5.3 (medium) and a Temporal Score of 4.6. Remote anonymous attackers can exploit this flaw to conduct DoS attacks against affected installations running on Linux, UNIX, or Windows systems.

ICE Arrests Rapists, Pedophiles, and Arsonists

DHS announced that ICE arrested criminal illegal aliens convicted of serious crimes including aggravated sexual assault of a child, sexual battery, lewd and lascivious acts with a child, arson, and robbery. The announcement highlighted that nearly 70% of ICE arrests involve illegal aliens charged or convicted of crimes in the United States.

Rakuten Symphony NGDU managing multiple radio carriers O-RAN 847 units

USPTO granted Patent US12598046B2 to Rakuten Symphony, Inc. covering a Near-Real Time Distributed Unit (NGDU) designed to manage multiple radio carriers in Open Radio Access Network (O-RAN) architectures. The patent describes technology for mapping CPRI ports connecting radio units to distributed units, enabling efficient communication management across O-RAN networks.

Mutable Digital Asset Storage Units for Decentralised Peer-to-Peer Verification

The USPTO granted Patent US12598058B2 to British Telecommunications Public Limited Company covering methods for managing mutable digital asset storage units in a decentralised peer-to-peer storage network using cryptographic verification. The patent includes 19 claims relating to selection criteria rules, cryptographic processing functions, and version management of storage units across peer computing systems.

Similarity Calculation System with Homomorphic Encryption

USPTO granted patent US12598057B2 to NEC Corporation on April 7, 2026, covering a similarity calculation system using homomorphic encryption. The system enables secure distance calculations between vectors where one vector remains encrypted on a similarity calculation apparatus while the other is input from a terminal. The invention uses weighted distance tables and additive homomorphic encryption to compute ciphertext sums of element distances.

DHS Requests Kentucky Not to Release Criminal Illegal Alien Detained for Sexual Assault

ICE has lodged a detainer requesting Kentucky authorities not release a criminal illegal alien who was arrested for sexually assaulting a teenager in his church office while working as a pastor. The individual has prior arrests for theft, forgery, and reckless driving. DHS is invoking federal immigration authority to ensure the individual remains detained pending removal proceedings.

Apache Traffic Server vulnerabilities allow DoS, request smuggling

CERT-Bund published security advisory WID-SEC-2026-0978 disclosing multiple vulnerabilities (CVSS Base Score 7.5, CVSS Temporal Score 6.5) in Apache Traffic Server. The vulnerabilities affect versions prior to 9.1.13 and 10.1.2 running on Linux and UNIX systems, including Debian Linux and Fedora Linux. Remote attackers can exploit these vulnerabilities to conduct Denial of Service or HTTP Request Smuggling attacks. Mitigations are available.

sudo Vulnerability Enables Privilege Escalation - CVSS 7.4

CERT-Bund issued security advisory WID-SEC-2026-0971 regarding a vulnerability in sudo (CVSS Base Score 7.4) affecting Linux and UNIX systems. The vulnerability enables local attackers to escalate privileges. Affected products include Microsoft Azure Linux azl3 and Open Source sudo. Mitigation measures are available.

Keycloak vulnerabilities CVSS 8.1, affects Linux

Keycloak vulnerabilities CVSS 8.1, affects Linux

MariaDB DoS Vulnerability - CVSS 6.5 Medium Severity

CERT-Bund issued advisory WID-SEC-2026-0972 disclosing a medium-severity denial-of-service vulnerability in MariaDB database systems. Affected versions include MariaDB prior to 11.4.10, 11.8.6, and 12.2.2, with a CVSS base score of 6.5. Remote authenticated attackers can exploit this vulnerability to conduct DoS attacks against affected installations on Linux, UNIX, and Windows platforms.