Search

CPython Vulnerabilities Allow Remote Code Execution

The German Federal Office for Information Security (BSI) has issued a security advisory regarding multiple vulnerabilities in CPython, with a CVSS base score of 7.7. These vulnerabilities allow remote attackers to manipulate files or execute arbitrary code on affected systems.

Mozilla Firefox, Thunderbird Vulnerabilities (CVSS 8.8)

CERT-Bund has issued an advisory regarding multiple vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird, with a CVSS Base Score of 8.8. The advisory has been updated multiple times to include specific product versions and affected operating systems.

Vim Vulnerability Allows Code Execution (CVSS 6.6)

The German National Cybersecurity Agency (BSI) has issued a security advisory for a vulnerability in the Vim text editor. The vulnerability, with a CVSS score of 6.6, allows local attackers to execute arbitrary code. Mitigation is available.

FreeRDP Vulnerabilities - Remote Code Execution

CERT-Bund has issued an advisory for multiple vulnerabilities in FreeRDP, a Remote Desktop Protocol implementation. The vulnerabilities have a CVSS base score of 8.8 and allow for remote code execution, denial-of-service, and information disclosure.

Microsoft ASP.NET/.NET Vulnerabilities Advisory

This advisory updates information on multiple vulnerabilities in Microsoft ASP.NET and .NET, with a CVSS Base Score of 7.8. The update includes affected products on Ubuntu, Oracle, and Red Hat Linux, in addition to previously listed Microsoft ASP.NET Core and .NET versions.

CISA Adds Two Exploited Vulnerabilities to KEV Catalog

CISA has added two new vulnerabilities, CVE-2026-3909 and CVE-2026-3910, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities per Binding Operational Directive (BOD) 22-01.

Microsoft Security Patches for Critical Vulnerabilities

The Cyber Security Agency of Singapore (CSA) has issued an alert regarding Microsoft's release of security patches for critical vulnerabilities in its software. These patches address multiple security flaws, some with a base score of 9.8, requiring immediate attention from users and organizations.

Microsoft Edge Vulnerability Poses Data Confidentiality Risk

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding a vulnerability in Microsoft Edge for Android and iOS. The vulnerability, identified as CVE-2026-26133, poses a risk of data confidentiality breaches. Users are advised to refer to Microsoft's security bulletin for patch information.

Microsoft Office Vulnerability Advisory CVE-2026-26133

The French National Cybersecurity Agency (ANSSI) has issued an advisory regarding a vulnerability (CVE-2026-26133) in Microsoft Office applications. The vulnerability could lead to data confidentiality breaches.

Microsoft Loop, PowerBI, Teams Vulnerability Disclosure

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding a vulnerability (CVE-2026-26133) affecting Microsoft Loop, PowerBI, and Teams. The vulnerability can lead to data confidentiality breaches. Users are advised to consult Microsoft's security bulletin for patch information.