Searching in Data Privacy & Cybersecurity · Search everything
687 changes Data Privacy & Cybersecurity
Vercel Next.js Vulnerabilities Allow DoS or Security Bypass
CERT-Bund has issued a security advisory for Vercel Next.js, detailing vulnerabilities that could allow remote attackers to perform Denial of Service attacks or bypass security measures. The advisory affects versions prior to 16.1.7 and 15.5.13, with a CVSS base score of 6.5.
NetBox Cross-Site Scripting Vulnerability Advisory
CERT-Bund has issued a security advisory for NetBox, detailing a vulnerability that allows for Cross-Site Scripting attacks. The advisory affects NetBox version 4.3.5 and provides information on mitigation strategies.
Gitea Vulnerabilities Allow Bypass, Data Manipulation, Disclosure
CERT-Bund has issued a security advisory for Gitea, detailing multiple vulnerabilities with a CVSS base score of 7.3. These vulnerabilities can allow attackers to bypass security measures, manipulate data, and disclose confidential information. Users are advised to update to Gitea version 1.25.5 or later.
Kubernetes Vulnerability Allows Remote File Manipulation
CERT-Bund has issued a security advisory (WID-SEC-2026-0738) regarding a vulnerability in Kubernetes that allows remote authenticated attackers to manipulate files. The vulnerability affects the Open Source Kubernetes CSI Driver for NFS versions prior to 4.13.1 and has a CVSS Base Score of 6.5.
Octopus Deploy Vulnerability Allows Remote File Manipulation
CERT-Bund has issued a security advisory for Octopus Deploy, detailing a vulnerability that allows remote authenticated attackers to manipulate files. The advisory affects specific versions of Octopus Deploy running on Linux and Windows and provides mitigation information.
ENISA Chairs EU Agencies Network, Strengthens Cybersecurity
ENISA has taken over the chair of the EU Agencies Network (EUAN) for 2025-2026, focusing on implementing a new governance framework and strengthening cybersecurity across EU agencies. A Memorandum of Understanding was signed to reassert cooperation on shared services, including HR, cybersecurity, and legal services.
CISA KEV: Wing FTP Server Path Disclosure Vulnerability
CISA has added CVE-2025-47813, a path disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability affects versions prior to 7.4.4 and requires specific conditions to exploit.
GNU InetUtils Multiple Vulnerabilities (CVSS 9.8)
CERT-Bund has issued a security advisory (WID-SEC-2026-0734) regarding critical vulnerabilities in GNU InetUtils versions up to 2.7. These vulnerabilities, rated CVSS 9.8, allow for remote code execution and information disclosure on Linux and UNIX systems. Users are advised to update their systems.
CERT-Bund Security Advisory WID-SEC-2026-0733
CERT-Bund has issued security advisory WID-SEC-2026-0733, detailing a new vulnerability. This advisory provides technical details and recommendations for affected parties to mitigate potential security risks.
Dell Secure Connect Gateway Vulnerability Allows Code Execution
CERT-Bund has issued a security advisory for Dell Secure Connect Gateway, identifying a vulnerability that allows remote code execution. The advisory affects versions prior to 5.34.00.00 on Windows systems. Users are advised to apply available mitigations.