Search

CUPS Vulnerability Allows Code Execution with Administrator Rights

CERT-Bund issued a security advisory regarding a vulnerability in CUPS (Common Unix Printing System) that allows local attackers to execute arbitrary code with administrator privileges. The vulnerability has a CVSS Base Score of 5.2 (medium) and affects multiple operating systems including Linux, UNIX, and Windows. Organizations using CUPS should assess their exposure and apply available patches or workarounds.

Google Android Multiple Vulnerabilities CVSS 7.3

CERT-Bund issued a security advisory warning of multiple vulnerabilities in Google Android with a CVSS Base Score of 7.3 (high severity) and Temporal Score of 6.4 (medium). The vulnerabilities affect Android devices with security patch levels prior to April 1, 2026 and April 5, 2026. Remote attackers can exploit these flaws to conduct unspecified attacks and denial of service attacks against affected devices.

Keycloak Information Disclosure Vulnerability (CVSS 3.7)

CERT-Bund issued a security advisory (WID-SEC-2026-0970) reporting an information disclosure vulnerability in Keycloak, an open-source identity and access management platform. The vulnerability carries a CVSS Base Score of 3.7 (low severity) and allows remote anonymous attackers to potentially expose sensitive information. Affected systems include Keycloak deployments running on Linux and UNIX operating systems.

IBM Maximo Asset Management DoS Vulnerability - CVSS 5.3

CERT-Bund published security advisory WID-SEC-2026-0965 disclosing a Denial of Service vulnerability in IBM Maximo Asset Management versions prior to 7.6.1.3 IF037. The vulnerability carries a CVSS Base Score of 5.3 (medium) and a Temporal Score of 4.6. Remote anonymous attackers can exploit this flaw to conduct DoS attacks against affected installations running on Linux, UNIX, or Windows systems.

Red Hat Enterprise Linux crun Privilege Escalation Vulnerability, CVSS 7.8

CERT-Bund issued a security advisory regarding a high-severity vulnerability (CVSS 7.8) in Red Hat Enterprise Linux's crun container runtime. The flaw allows local attackers to escalate privileges on affected systems. Versions prior to RHEL 9 and RHEL 10 are affected. System administrators should apply available mitigations or updates immediately.

Avahi DoS Vulnerability Advisory - CVSS 5.5 Medium Severity

CERT-Bund issued advisory WID-SEC-2026-0975 regarding a denial of service vulnerability in Avahi, an open-source network service discovery implementation for Linux/UNIX systems. The vulnerability (CVSS Base Score 5.5, Temporal Score 5.0) allows a local attacker to crash the Avahi service, impacting system availability. Affected products include Open Source avahi versions prior to 0.9-rc4. Organizations running vulnerable Avahi installations should apply patches immediately.

Dell PowerScale OneFS Multiple Vulnerabilities, CVSS 6.6, Privilege Escalation

CERT-Bund issued security advisory WID-SEC-2026-0984 regarding multiple vulnerabilities in Dell PowerScale OneFS with CVSS Base Score 6.6 (medium). Affected organizations running Dell PowerScale NAS platforms below versions 9.10.1.7, 9.13.0.1, and 9.13.0.2 face risks of information disclosure and privilege escalation. Mitigation measures are available.

OpenBSD Vulnerability Enables Unspecified Remote Attack

CERT-Bund issued a security advisory regarding a high-severity vulnerability (CVSS 7.3) in OpenBSD versions 7.7 and 7.8 that enables remote attacks by unauthenticated threat actors. The vulnerability allows remote code execution without user interaction. Organizations running affected OpenBSD systems should review and apply available mitigations immediately.

MariaDB DoS Vulnerability - CVSS 6.5 Medium Severity

CERT-Bund issued advisory WID-SEC-2026-0972 disclosing a medium-severity denial-of-service vulnerability in MariaDB database systems. Affected versions include MariaDB prior to 11.4.10, 11.8.6, and 12.2.2, with a CVSS base score of 6.5. Remote authenticated attackers can exploit this vulnerability to conduct DoS attacks against affected installations on Linux, UNIX, and Windows platforms.

Keycloak vulnerabilities CVSS 8.1, affects Linux

Keycloak vulnerabilities CVSS 8.1, affects Linux