Keycloak vulnerabilities CVSS 8.1, affects Linux

Keycloak vulnerabilities CVSS 8.1, affects Linux

Apache Traffic Server vulnerabilities allow DoS, request smuggling

CERT-Bund published security advisory WID-SEC-2026-0978 disclosing multiple vulnerabilities (CVSS Base Score 7.5, CVSS Temporal Score 6.5) in Apache Traffic Server. The vulnerabilities affect versions prior to 9.1.13 and 10.1.2 running on Linux and UNIX systems, including Debian Linux and Fedora Linux. Remote attackers can exploit these vulnerabilities to conduct Denial of Service or HTTP Request Smuggling attacks. Mitigations are available.

OpenClaw Multiple Vulnerabilities - CVSS 5.3 (Medium)

CERT-Bund issued a security advisory identifying multiple vulnerabilities in OpenClaw, a personal AI assistant for Linux. The vulnerabilities carry a CVSS Base Score of 5.3 (medium) and allow remote anonymous attackers to manipulate data, bypass security mechanisms, or cause denial of service. Affected versions include OpenClaw prior to version 2026.4.2.

sudo Vulnerability Enables Privilege Escalation - CVSS 7.4

CERT-Bund issued security advisory WID-SEC-2026-0971 regarding a vulnerability in sudo (CVSS Base Score 7.4) affecting Linux and UNIX systems. The vulnerability enables local attackers to escalate privileges. Affected products include Microsoft Azure Linux azl3 and Open Source sudo. Mitigation measures are available.

MariaDB DoS Vulnerability - CVSS 6.5 Medium Severity

CERT-Bund issued advisory WID-SEC-2026-0972 disclosing a medium-severity denial-of-service vulnerability in MariaDB database systems. Affected versions include MariaDB prior to 11.4.10, 11.8.6, and 12.2.2, with a CVSS base score of 6.5. Remote authenticated attackers can exploit this vulnerability to conduct DoS attacks against affected installations on Linux, UNIX, and Windows platforms.

OpenBSD Vulnerability Enables Unspecified Remote Attack

CERT-Bund issued a security advisory regarding a high-severity vulnerability (CVSS 7.3) in OpenBSD versions 7.7 and 7.8 that enables remote attacks by unauthenticated threat actors. The vulnerability allows remote code execution without user interaction. Organizations running affected OpenBSD systems should review and apply available mitigations immediately.

Dell PowerScale OneFS Multiple Vulnerabilities, CVSS 6.6, Privilege Escalation

CERT-Bund issued security advisory WID-SEC-2026-0984 regarding multiple vulnerabilities in Dell PowerScale OneFS with CVSS Base Score 6.6 (medium). Affected organizations running Dell PowerScale NAS platforms below versions 9.10.1.7, 9.13.0.1, and 9.13.0.2 face risks of information disclosure and privilege escalation. Mitigation measures are available.

NCUA Ninth Round Deregulation Proposals - Field of Membership Eligibility

The National Credit Union Administration announced its ninth round of deregulation proposals under the ongoing Deregulation Project. The proposal targets 12 CFR 701, Appendix B concerning credit union chartering and field of membership eligibility. NCUA seeks to remove the automatic disqualification of associational groups that require purchase of a product or service as a condition of membership, replacing it with a more holistic evaluation approach.

AML/CFT Program Requirements - Joint Notice of Proposed Rulemaking

The FDIC, OCC, and NCUA have issued a joint notice of proposed rulemaking to amend AML/CFT program requirements for supervised banks and credit unions. The proposed amendments would align agency regulations with FinCEN requirements and the Anti-Money Laundering Act of 2020, introducing risk-based program requirements, US-based designated AML/CFT officer requirements, and a new FinCEN consultation framework for supervisory and enforcement actions.

U.S. Embassy Philippines Public Diplomacy Section Annual Program Statement 2026

The U.S. Embassy in the Philippines Public Diplomacy Section announced grant funding opportunities ranging from $5,000 to $50,000 for public diplomacy programs. Eligible applicants include not-for-profit organizations, think tanks, civil society/NGOs, educational institutions, and individuals. Applications close July 31, 2026.