Squid Vulnerabilities Allow Denial of Service Attacks

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Squid, an open-source web proxy cache. These vulnerabilities, with a CVSS base score of 8.6, can be exploited by remote attackers to cause a Denial of Service. The advisory applies to Squid versions prior to 7.5 on Linux, UNIX, and Windows systems.

Xen Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory regarding a vulnerability in Xen, a virtual machine monitor, that allows local attackers from a guest VM to bypass security measures. The advisory, dated March 24, 2026, notes a CVSS base score of 6.7 and indicates that mitigation is available.

OpenClaw Vulnerabilities

CERT-Bund has issued a security advisory for OpenClaw, detailing multiple critical vulnerabilities with a CVSS score of 9.9. These vulnerabilities allow for remote code execution, privilege escalation, data manipulation, and denial-of-service attacks. A mitigation is available.

Zabbix Vulnerabilities Allow Remote Attacks

CERT-Bund has issued a security advisory for Zabbix, detailing multiple vulnerabilities with a CVSS base score of 8.8. These vulnerabilities affect various Zabbix versions and allow remote attackers to disclose information, inject shell commands, perform SQL injection, and cause denial of service.

NATS Server Vulnerabilities Allow Remote Attackers to Disclose/Manipulate Info, Cause DoS

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in NATS Server versions prior to 2.12.6 and 2.11.15. These vulnerabilities, with a CVSS base score of 8.6, allow remote attackers to disclose or manipulate information, cause denial-of-service, and bypass security mechanisms.

Apple Xcode Vulnerabilities Allow Information Disclosure, Denial of Service

CERT-Bund has issued a security advisory for Apple Xcode, detailing multiple vulnerabilities that could allow remote attackers to disclose information or cause a denial of service. The advisory notes a CVSS Base Score of 5.5 (medium) and affects versions prior to 26.4 on MacOS X.

NGINX Plus and NGINX Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in NGINX and NGINX Plus, with a CVSS base score of 8.2. The vulnerabilities affect Linux, UNIX, and Windows operating systems and can be exploited remotely to cause denial of service, data manipulation, bypass security measures, and potentially execute arbitrary code.

Linux Kernel Vulnerabilities Allow DoS, Code Execution

CERT-Bund has issued a security advisory regarding multiple critical vulnerabilities in the Linux Kernel, with a CVSS base score of 9.8. These vulnerabilities can allow attackers to cause denial of service, bypass security measures, disclose information, and potentially execute code remotely. Mitigation measures are available.

US Department of State Celebrates Greece National Day

The U.S. Department of State, through Secretary of State Marco Rubio, issued a statement congratulating Greece on its National Day. The statement highlighted shared democratic ideals, NATO alliance cooperation, and commitment to deepening commercial ties, particularly in energy.

Court Affirms Dismissal of Campaign Finance Violations

The Commonwealth Court of Pennsylvania affirmed the dismissal of a campaign finance violation complaint against Jeff Brown, a former mayoral candidate, and two associated organizations. The court found that the lower court correctly sustained preliminary objections, upholding the dismissal of the complaint.