
679 changes Data Privacy & Cybersecurity

Source: www.cert.ssi.gouv.fr

Multiple vulnerabilities in Ivanti Neurons (XSS and security bypass)

CERT-FR has published a security advisory concerning two vulnerabilities (CVE-2026-4913 and CVE-2026-4914) in Ivanti Neurons for ITSM versions prior to 2025.4. The flaws allow remote indirect code injection (XSS) and a bypass of the security policy. Organizations using this software should check their version and apply the patches available via the Ivanti security bulletin of 14 April 2026.

Priority review Guidance Cybersecurity
Source: www.cisa.gov

CISA Adds CVE-2009-0238 and CVE-2026-32201 to Known Exploited Vulnerabilities Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. CVE-2009-0238 is a Microsoft Office Remote Code Execution vulnerability and CVE-2026-32201 is a Microsoft SharePoint Server Improper Input Validation vulnerability. These vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities pursuant to Binding Operational Directive 22-01.

Priority review Notice Cybersecurity
Source: wid.cert-bund.de

Critical Microsoft Windows Multiple Vulnerabilities CVSS 9.8

CERT-Bund issued advisory WID-SEC-2026-1104 detailing multiple critical vulnerabilities in Microsoft Windows products with a CVSS Base Score of 9.8 (critical) and a Temporal Score of 8.5 (high). Affected products include Windows Server 2012 through 2025, Windows 10 versions 1607 through 22H2, Windows 11 versions 23H2 through 26H1, and Microsoft Windows Admin Center. An attacker could exploit these vulnerabilities to achieve remote code execution, privilege escalation, information disclosure, security feature bypass, and denial of service.

Priority review Guidance Cybersecurity
Source: wid.cert-bund.de

Dell PowerProtect Data Domain OS Critical Vulnerabilities

CERT-Bund issued security advisory WID-SEC-2026-1118 warning of multiple critical vulnerabilities in Dell PowerProtect Data Domain OS with CVSS Base Score 8.8 (High). Affected versions include OS builds prior to 8.7.0.0, 8.7.0.1, 8.3.1.30, 7.13.1.70, 8.6.0.0, 8.3.1.20, and 7.13.1.60. Remote attackers can exploit these flaws to execute arbitrary code with root privileges, escalate privileges to administrator level, bypass security controls, manipulate data, or disclose confidential information.

Priority review Notice Cybersecurity
Source: wid.cert-bund.de

Adobe Acrobat DC, Reader Multiple Vulnerabilities, CVSS 8.6


Routine Notice
Source: wid.cert-bund.de

WID-SEC-2026-1103: Critical Microsoft SQL Server Vulnerabilities Allow Code Execution and Privilege Elevation

CERT-Bund issued security advisory WID-SEC-2026-1103 warning of multiple critical vulnerabilities in Microsoft SQL Server 2016, 2017, 2019, and 2022. The flaws carry a CVSS Base Score of 8.8 (high) and a Temporal Score of 7.7 (high). Attackers can exploit these vulnerabilities remotely to execute arbitrary code and escalate privileges. Mitigations are available.

Urgent Guidance Cybersecurity
Source: wid.cert-bund.de

Adobe ColdFusion Critical Flaws Allow Code Execution

CERT-Bund published security advisory WID-SEC-2026-1110 alerting to multiple critical vulnerabilities in Adobe ColdFusion 2023 (prior to Update 19) and Adobe ColdFusion 2025 (prior to Update 7). The vulnerabilities carry a CVSS Base Score of 9.3 (critical) and a Temporal Score of 8.1 (high). An unauthenticated remote attacker can exploit these flaws to execute arbitrary code, bypass security controls, disclose information, and conduct denial of service attacks. Mitigation measures are available.

Urgent Guidance Cybersecurity
Source: wid.cert-bund.de

Keycloak Cross-Site Scripting Vulnerability CVSS 6.9 (Medium)

CERT-Bund has published a security advisory regarding a Cross-Site Scripting (XSS) vulnerability in Keycloak, an open-source identity and access management platform. The vulnerability has a CVSS Base Score of 6.9 (Medium) and CVSS Temporal Score of 6.3 (Medium). A remote, authenticated attacker can exploit this vulnerability to conduct XSS attacks. Affected systems run Keycloak on Linux and UNIX operating systems.

Priority review Notice Cybersecurity
Source: wid.cert-bund.de

Composer Multiple Vulnerabilities Allow Remote Code Execution

CERT-Bund published security advisory WID-SEC-2026-1128 disclosing multiple vulnerabilities in Open Source Composer (versions below 2.9.6 and 2.2.27 LTS) that allow remote attackers to execute arbitrary code. The CVSS Base Score is 8.8 (high) and the Temporal Score is 7.7 (high). Mitigation measures are available.

Urgent Notice Cybersecurity
Source: wid.cert-bund.de

Synology DiskStation Manager Multiple Vulnerabilities CVSS 8.0

CERT-Bund published security advisory WID-SEC-2026-1125 disclosing multiple vulnerabilities in Synology DiskStation Manager (DSM) with a CVSS Base Score of 8.0 (high) and Temporal Score of 7.0 (high). Remote exploitation is confirmed. Affected versions include DSM <7.3.2-86009-2, <7.2.2-72806-7, and <7.2.1-69057-10. The vulnerabilities allow attackers to bypass security measures, manipulate data, disclose confidential information, or cause denial of service.

Priority review Guidance Cybersecurity
