Canonical Snap Vulnerability Allows Administrator Rights Escalation

CERT-Bund has issued a security advisory (WID-SEC-2026-0758) regarding a vulnerability in Canonical Snap that allows for administrator rights escalation on Linux systems. The advisory details affected versions of Ubuntu Linux snapd and provides mitigation information.

IBM Planning Analytics Vulnerabilities Allow DoS, Info Disclosure

CERT-Bund has issued a security advisory for IBM Planning Analytics, detailing multiple vulnerabilities. These flaws, with a CVSS base score of 7.5, can be exploited for denial of service, information disclosure, and bypass of security measures. The advisory applies to versions prior to 2.1.18.

Xen, Citrix XenServer Vulnerabilities - Local Privilege Escalation

CERT-Bund has issued a security advisory (WID-SEC-2026-0760) regarding multiple vulnerabilities in Xen and Citrix XenServer. These vulnerabilities, with a CVSS Base Score of 7.8, could allow local attackers to escalate privileges, cause a denial-of-service, or disclose confidential information.

Red Hat JBoss Platform Denial of Service Vulnerability

CERT-Bund has issued a security advisory for Red Hat JBoss Enterprise Application Platform, detailing a vulnerability that allows remote attackers to cause a Denial of Service. The advisory provides information on affected versions and mitigation strategies.

Apple iOS, iPadOS, macOS Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory for a vulnerability in Apple iOS, iPadOS, and macOS that allows security bypass. The advisory details affected versions and provides mitigation information. The vulnerability has a high CVSS base score.

ConnectWise ScreenConnect Privilege Escalation Vulnerability

CERT-Bund has issued a security advisory (WID-SEC-2026-0763) regarding a critical vulnerability in ConnectWise ScreenConnect versions prior to 26.1. The flaw allows remote attackers to bypass security measures and potentially escalate privileges on affected systems running Linux, UNIX, or Windows.

Grafana Tempo Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory for Grafana Tempo, detailing a vulnerability (CVSS 7.5) that allows remote attackers to disclose information. Affected versions are prior to 2.10.3, impacting Linux and UNIX systems.

Phoenix Contact FL SWITCH Multiple Vulnerabilities

CERT-Bund has issued a security advisory for Phoenix Contact FL SWITCH industrial network switches due to multiple vulnerabilities. The vulnerabilities could allow remote attackers to execute arbitrary code, cause denial-of-service, or manipulate data.

Dell Remote Access Controller Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Dell Remote Access Controller (iDRAC) versions. The vulnerabilities could allow attackers to execute arbitrary code or disclose sensitive information. Mitigation is available.

Atlassian Confluence Vulnerability Allows Code Execution

CERT-Bund has issued a security advisory for Atlassian Confluence, detailing a vulnerability that allows remote code execution. Affected versions include Confluence Data Center and Server prior to specific releases. Mitigation is available.