Checkmk Critical Vulnerabilities - Privilege Escalation and XSS

CERT-Bund issued security advisory WID-SEC-2026-0983 identifying critical vulnerabilities in Checkmk IT monitoring software. Multiple security flaws including privilege escalation and Cross-Site Scripting (XSS) were discovered affecting versions below 2.6.0b1, 2.5.0b3, 2.4.0p25, and 2.3.0p46. The vulnerabilities carry a CVSS Base Score of 9.0 (critical) and enable remote attackers to elevate privileges and execute XSS attacks on affected systems running Linux and UNIX.

OpenSSH Multiple Vulnerabilities - Remote Code Execution and Privilege Escalation

CERT-Bund issued security advisory WID-SEC-2026-0979 warning of multiple vulnerabilities in OpenSSH versions prior to 10.3. The vulnerabilities carry a CVSS Base Score of 7.5 (high) and enable remote attackers to execute arbitrary code, escalate privileges, or bypass security mechanisms on affected systems running Linux, UNIX, and Windows. Mitigation measures are available but immediate patching is required.

Keycloak vulnerabilities CVSS 8.1, affects Linux

Keycloak vulnerabilities CVSS 8.1, affects Linux

Apache Traffic Server vulnerabilities allow DoS, request smuggling

CERT-Bund published security advisory WID-SEC-2026-0978 disclosing multiple vulnerabilities (CVSS Base Score 7.5, CVSS Temporal Score 6.5) in Apache Traffic Server. The vulnerabilities affect versions prior to 9.1.13 and 10.1.2 running on Linux and UNIX systems, including Debian Linux and Fedora Linux. Remote attackers can exploit these vulnerabilities to conduct Denial of Service or HTTP Request Smuggling attacks. Mitigations are available.

OpenClaw Multiple Vulnerabilities - CVSS 5.3 (Medium)

CERT-Bund issued a security advisory identifying multiple vulnerabilities in OpenClaw, a personal AI assistant for Linux. The vulnerabilities carry a CVSS Base Score of 5.3 (medium) and allow remote anonymous attackers to manipulate data, bypass security mechanisms, or cause denial of service. Affected versions include OpenClaw prior to version 2026.4.2.

sudo Vulnerability Enables Privilege Escalation - CVSS 7.4

CERT-Bund issued security advisory WID-SEC-2026-0971 regarding a vulnerability in sudo (CVSS Base Score 7.4) affecting Linux and UNIX systems. The vulnerability enables local attackers to escalate privileges. Affected products include Microsoft Azure Linux azl3 and Open Source sudo. Mitigation measures are available.

MariaDB DoS Vulnerability - CVSS 6.5 Medium Severity

CERT-Bund issued advisory WID-SEC-2026-0972 disclosing a medium-severity denial-of-service vulnerability in MariaDB database systems. Affected versions include MariaDB prior to 11.4.10, 11.8.6, and 12.2.2, with a CVSS base score of 6.5. Remote authenticated attackers can exploit this vulnerability to conduct DoS attacks against affected installations on Linux, UNIX, and Windows platforms.

OpenBSD Vulnerability Enables Unspecified Remote Attack

CERT-Bund issued a security advisory regarding a high-severity vulnerability (CVSS 7.3) in OpenBSD versions 7.7 and 7.8 that enables remote attacks by unauthenticated threat actors. The vulnerability allows remote code execution without user interaction. Organizations running affected OpenBSD systems should review and apply available mitigations immediately.

Dell PowerScale OneFS Multiple Vulnerabilities, CVSS 6.6, Privilege Escalation

CERT-Bund issued security advisory WID-SEC-2026-0984 regarding multiple vulnerabilities in Dell PowerScale OneFS with CVSS Base Score 6.6 (medium). Affected organizations running Dell PowerScale NAS platforms below versions 9.10.1.7, 9.13.0.1, and 9.13.0.2 face risks of information disclosure and privilege escalation. Mitigation measures are available.

NCUA Ninth Round Deregulation Proposals - Field of Membership Eligibility

The National Credit Union Administration announced its ninth round of deregulation proposals under the ongoing Deregulation Project. The proposal targets 12 CFR 701, Appendix B concerning credit union chartering and field of membership eligibility. NCUA seeks to remove the automatic disqualification of associational groups that require purchase of a product or service as a condition of membership, replacing it with a more holistic evaluation approach.