SUSE Linux Kernel Vulnerabilities Allow Code Execution

CERT-FR has issued an advisory regarding multiple vulnerabilities in the SUSE Linux kernel. These vulnerabilities could allow for code execution and data compromise. The advisory references numerous SUSE security bulletins detailing the affected components and recommended actions.

Microsoft Products Vulnerability Advisory CVE-2026-4519

CERT-FR has issued an advisory regarding a vulnerability (CVE-2026-4519) in Microsoft products, specifically affecting azl3 python3 versions prior to 3.12.9-10. The advisory directs users to Microsoft's security bulletin for patch information.

Zabbix Vulnerabilities Allow Remote Denial of Service

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Zabbix versions prior to 7.0.22 with the latest security patch. These vulnerabilities could allow remote denial of service and security policy bypass. Users are advised to consult the Zabbix security bulletin for patch information.

Traefik Vulnerabilities Allow Security Policy Bypass

The French National Cybersecurity Agency (ANSSI) has issued an advisory regarding multiple vulnerabilities discovered in Traefik software. These vulnerabilities could allow an attacker to bypass security policies. Affected versions of Traefik require immediate patching.

Spring AI Vulnerabilities Allow Code Execution, SSRF, Policy Bypass

CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Spring AI. These vulnerabilities could allow attackers to achieve remote code execution, server-side request forgery (SSRF), and security policy bypass. Affected versions include Spring AI 1.0.x prior to 1.0.5 and 1.1.x prior to 1.1.4.

Siemens Product Vulnerabilities Allow Remote Denial of Service

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Siemens products, including CPCI85 Central Processing/Communication and SICORE Base system. These vulnerabilities allow for remote denial of service attacks. Affected versions are prior to 26.10. Customers are advised to consult Siemens' security bulletin for patch information.

NetApp Products Vulnerabilities Affecting Data Integrity and Confidentiality

CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in NetApp products, including Active IQ Unified Manager and ONTAP. These vulnerabilities could lead to data integrity and confidentiality breaches, as well as remote denial-of-service attacks. Affected users are advised to consult NetApp security bulletins for patch information.

Duncan v. Roblox Corporation - Personal Injury Product Liability

A civil case, Duncan v. Roblox Corporation, was filed in the U.S. District Court for the Northern District of California on March 27, 2026. The case involves personal injury and product liability claims. The filing includes a complaint and proposed summons.

Luxembourg State Aid Scheme for Net-Zero Transition

The European Commission has approved Luxembourg's State Aid scheme (SA.120921) designed to support the transition towards a net-zero emission economy. The scheme, based on Article 107(3)(c) TFEU and the State Aid Framework for Climate, Environmental protection and Energy (CISAF), will be implemented through direct grants and will be in effect until December 31, 2030.

Merger M.12295: Valea / Rockaway Media / Rockaway Arts

The European Commission has initiated an ongoing merger investigation (M.12295) concerning the proposed combination of Valea, Rockaway Media, and Rockaway Arts. The case involves a simplified procedure under Council Regulation 139/2004, with a provisional deadline of March 31, 2026.