685 changes Data Privacy & Cybersecurity

Source: www.cert.ssi.gouv.fr

Microsoft Multiple Vulnerabilities - 6 CVEs Identified

CERT-FR issued an advisory on 6 Microsoft CVEs affecting azl3 nodejs24 (versions prior to 24.14.1-1), azl3 opensc (prior to 0.27.1-1), and azl3/cbl2 polkit packages. The vulnerabilities allow attackers to cause unspecified security issues. Affected organizations should apply vendor patches immediately.

Priority review Guidance Cybersecurity

Source: www.cert.ssi.gouv.fr

Juniper Networks Multiple Vulnerabilities Allow Remote Code Execution

CERT-FR issued advisory CERTFR-2026-AVI-0408 covering 26 Juniper Networks security bulletins (JSA106016 through JSA107875), addressing multiple critical vulnerabilities in Junos OS and Junos OS Evolved across SRX, MX, and PTX Series platforms. Affected versions span from 21.4-EVO through 25.2R1, with risks including remote code execution, data confidentiality and integrity compromise, denial of service, and privilege escalation. Organizations running affected Juniper devices must apply available patches immediately.

Priority review Notice Cybersecurity

Source: www.cert.ssi.gouv.fr

Multiple Elastic Vulnerabilities Allow Remote Code Execution

CERT-FR issued advisory CERTFR-2026-AVI-0413 alerting organizations to multiple critical vulnerabilities in Elastic products (Kibana and Logstash, versions 8.x and 9.x). The vulnerabilities allow remote code execution, data integrity compromise, confidentiality breaches, and denial of service. Organizations using these products must update to patched versions immediately.

Priority review Guidance Cybersecurity

Source: www.cert.ssi.gouv.fr

GitLab Multiple Vulnerabilities Allow Remote Code Execution, DoS, Data Breach

CERT-FR issued an alert on 11 critical vulnerabilities in GitLab Community and Enterprise Edition affecting versions before 18.10.3, 18.9.5, and 18.8.9. The flaws allow remote code execution, denial of service attacks, and data confidentiality breaches. Users must patch to version 18.10.3 or later to remediate.

Urgent Notice Cybersecurity

Source: www.cert.ssi.gouv.fr

Multiple Vulnerabilities in SonicWall SMA1000 Products

CERT-FR issued advisory CERTFR-2026-AVI-0409 warning of four critical vulnerabilities (CVE-2026-4112 through CVE-2026-4116) in SonicWall SMA1000 secure mobile access products. Affected versions include 12.4.3-x prior to 12.4.3-03387 and 12.5.0-x prior to 12.5.0-02624. Successful exploitation could result in data confidentiality breaches, security policy bypass, and privilege escalation.

Priority review Notice Cybersecurity

Source: wid.cert-bund.de

OpenCTI Remote Code Execution Vulnerability - CVSS 9.1 Critical

CERT-Bund issued a critical security advisory for OpenCTI (an open-source cyber threat intelligence platform), disclosing a remote code execution vulnerability with CVSS Base Score 9.1. The flaw affects all versions prior to 6.9.5 on Linux and UNIX systems, allowing authenticated remote attackers to execute arbitrary code. Mitigation measures are available.

Urgent Guidance Cybersecurity

Source: wid.cert-bund.de

Linux Kernel Denial of Service Vulnerability - CVSS 4.0 Medium

CERT-Bund issued advisory WID-SEC-2026-1037 identifying a medium-severity (CVSS 4.0) denial-of-service vulnerability in multiple Linux Kernel versions. The flaw affects kernel versions prior to 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4, and 7.0-rc1. A local attacker could exploit this vulnerability to cause system unavailability.

Priority review Guidance Cybersecurity

Source: wid.cert-bund.de

OpenClaw Multiple Vulnerabilities CVSS 6.3 Affecting Linux/UNIX

CERT-Bund issued a security advisory disclosing multiple vulnerabilities in OpenClaw (open source) versions prior to 2026.4.8 affecting Linux and UNIX operating systems. The vulnerabilities have a CVSS Base Score of 6.3 (medium) and enable remote attackers to disclose information, bypass security measures, or conduct unspecified attacks. Mitigation measures are available.

Routine Guidance Cybersecurity

Source: wid.cert-bund.de

Proxmox VE Vulnerability Allows Information Disclosure

Routine Notice

Source: www.nsa.gov

Iranian Actors Target US Critical Infrastructure PLCs

NSA, FBI, CISA, EPA, DOE, and US Cyber Command issued a joint cybersecurity advisory warning that Iranian-affiliated APT actors are actively exploiting internet-facing Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs) across U.S. critical infrastructure sectors. The advisory provides TTPs and IOCs and recommends urgent network audits, removal of PLCs from direct internet exposure, and logging review for ports 44818, 2222, 102, and 502.

Priority review Guidance Cybersecurity

Showing 111–120 of 685 changes
