685 changes Data Privacy & Cybersecurity
Security Flaw in Dell EMC Isilon, CVSS 8.8
Multiple Vulnerabilities in Helm Allow Arbitrary Code Execution
CERT-Bund published security advisory WID-SEC-2026-1048 disclosing multiple vulnerabilities in Helm (Kubernetes package manager) with a CVSS Base Score of 8.6 (high). Affected versions include helm <4.1.4 and helm <3.20.2. An attacker can exploit these vulnerabilities to manipulate files, bypass security measures, and potentially execute arbitrary code.
Red Hat Products Multiple Vulnerabilities Allow Admin Privilege Escalation
CERT-Bund issued security advisory WID-SEC-2026-1033 warning of multiple vulnerabilities in Red Hat products including Ansible Automation Platform, Enterprise Linux, OpenShift, and Process Automation Manager. Local attackers can exploit these flaws to gain administrator privileges. The CVSS base score is 6.4 (medium), with a temporal score of 5.9. No remote attack vector exists.
Linux Kernel Vulnerability Allows Physical Access Attacks
CERT-Bund issued security advisory WID-SEC-2026-1049 warning of a vulnerability in the Linux kernel affecting versions prior to 6.1.167, 6.6.130, 6.12.78, 6.18.19, 6.19.9, and 7.0-rc4. Attackers with physical access can exploit the flaw to cause denial of service, execute arbitrary code, or disclose information. The CVSS Base Score is 6.8 (medium). Remote attack is not possible, and mitigations are available.
Adobe Acrobat Reader Remote Code Execution Vulnerability CVE-2026-1047
CERT-Bund issued a critical security advisory for Adobe Acrobat Reader vulnerability CVE-2026-1047 with a CVSS Base Score of 9.6. The flaw allows remote, unauthenticated attackers to execute arbitrary code and gain full administrative control of affected systems running Windows, UNIX, and other operating systems. Adobe Acrobat Reader versions up to and including 26.001.21367 are affected.
Checkmk Multiple Vulnerabilities Allow Remote Attackers Unspecified Impacts
CERT-Bund issued security advisory WID-SEC-2026-1050 regarding multiple vulnerabilities in Checkmk IT monitoring software. Affected versions include those prior to 2.6.0b1, 2.5.0b4, 2.4.0p26, and 2.3.0p47. An authenticated remote attacker can exploit these vulnerabilities for unspecified impacts. The CVSS Base Score is 6.3 (medium), with a CVSS Temporal Score of 5.5.
Stryker Corp Amends Cybersecurity Disclosure Under Item 1.05
Stryker Corp filed an amended Form 8-K with the SEC under Item 1.05 (Cybersecurity Incident Disclosure) to update a prior cybersecurity disclosure. The filing amends a previously submitted disclosure related to a cybersecurity matter at the company's Portage, MI operations. Public companies are required to disclose material cybersecurity incidents on Form 8-K Item 1.05 within four business days of determining materiality.
SugarCRM Sugar Enterprise Multiple Vulnerabilities Allow Admin Access
CERT-Bund published security advisory WID-SEC-2026-1021 disclosing multiple critical vulnerabilities in SugarCRM Sugar Enterprise versions prior to 25.1.3 and 14.0.4. The vulnerabilities carry a CVSS Base Score of 8.8 (high), allowing remote attackers to gain administrator privileges, execute cross-site scripting attacks, bypass security controls, manipulate data, disclose confidential information, and cause denial of service.
Mitel MiCollab Multiple Critical Vulnerabilities Including SQL Injection CVSS 9.8
CERT-Bund issued security advisory WID-SEC-2026-1026 warning of multiple critical vulnerabilities in the Mitel MiCollab communication suite. The vulnerabilities carry a CVSS Base Score of 9.8 (critical) and enable remote SQL injection attacks and privilege escalation. Affected versions include MiCollab prior to version 10.2 SP1 running on Linux, UNIX, Windows, and other platforms. Mitigation measures are available.
Juniper Critical Vulnerabilities April 2026: CVSS 10.0 Remote Code Execution, Root Privilege Escalation
CERT-Bund issued security advisory WID-SEC-2026-1022 identifying critical vulnerabilities (CVSS 10.0) in Juniper Apstra, JUNOS OS, JUNOS OS Evolved, QFX Series, MX Series, SRX Series, and Junos Space. Remote attackers can exploit these flaws to gain root privileges, execute arbitrary code, bypass security controls, and exfiltrate sensitive data. Organizations must apply patches immediately to affected systems.