Search

CPython Vulnerabilities Allow Remote Code Execution

The German Federal Office for Information Security (BSI) has issued a security advisory regarding multiple vulnerabilities in CPython, with a CVSS base score of 7.7. These vulnerabilities allow remote attackers to manipulate files or execute arbitrary code on affected systems.

Mozilla Firefox, Thunderbird Vulnerabilities (CVSS 8.8)

CERT-Bund has issued an advisory regarding multiple vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird, with a CVSS Base Score of 8.8. The advisory has been updated multiple times to include specific product versions and affected operating systems.

FreeRDP Vulnerabilities - Remote Code Execution

CERT-Bund has issued an advisory for multiple vulnerabilities in FreeRDP, a Remote Desktop Protocol implementation. The vulnerabilities have a CVSS base score of 8.8 and allow for remote code execution, denial-of-service, and information disclosure.

CISA Adds Two Exploited Vulnerabilities to KEV Catalog

CISA has added two new vulnerabilities, CVE-2026-3909 and CVE-2026-3910, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities per Binding Operational Directive (BOD) 22-01.

Critical Cisco Secure Firewall Management Center Vulnerabilities Addressed

Cisco has released security updates for critical vulnerabilities (CVSS 10.0) in its Secure Firewall Management Center software. Users of affected on-premises versions are advised to update immediately to prevent root access and arbitrary code execution.

Fortinet Vulnerabilities Require Immediate Updates

The Cyber Security Agency of Singapore (CSA) has issued an alert regarding high-severity vulnerabilities in multiple Fortinet enterprise products. Users are strongly advised to update affected systems immediately to mitigate risks of unauthorized code execution, authentication bypass, and privilege escalation.

Microsoft Security Patches for Critical Vulnerabilities

The Cyber Security Agency of Singapore (CSA) has issued an alert regarding Microsoft's release of security patches for critical vulnerabilities in its software. These patches address multiple security flaws, some with a base score of 9.8, requiring immediate attention from users and organizations.

HPE Patches Critical Aruba Networking AOS-CX Vulnerabilities

Hewlett Packard Enterprise (HPE) has released patches for critical vulnerabilities in its Aruba Networking AOS-CX operating system. The most severe flaw (CVE-2026-23813) allows unauthenticated remote attackers to reset administrator passwords. Users are urged to update immediately.

Multiple Vulnerabilities Found in IBM Products

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding multiple vulnerabilities discovered in various IBM products. These vulnerabilities could allow remote code execution, denial of service, and data breaches. Affected users are advised to consult IBM's security bulletins for patch information.

Microsoft Edge Vulnerability Poses Data Confidentiality Risk

The French National Cybersecurity Agency (ANSSI) has issued a notice regarding a vulnerability in Microsoft Edge for Android and iOS. The vulnerability, identified as CVE-2026-26133, poses a risk of data confidentiality breaches. Users are advised to refer to Microsoft's security bulletin for patch information.