FTA Seeks Comments on National Transit Database Information Collection

The Federal Transit Administration (FTA) is seeking public comments on its intention to request an extension without change for the National Transit Database (NTD) information collection. This request is made in accordance with the Paperwork Reduction Act and requires approval from the Office of Management and Budget (OMB).

FTA - Central Florida Lynx Rebuttal to Empire Coach Line Complaint

The Federal Transit Administration (FTA) has received a rebuttal from Central Florida Regional Transportation Authority (Lynx) concerning a complaint filed by Empire Coach Line Inc. This filing is part of an ongoing dispute resolution process managed by the FTA.

Department of Education Teacher Directory Information Collection

The Department of Education is seeking public comment on an extension without change of an existing information collection request (ICR) related to the Teacher Cancellation Low Income Directory. The comment period closes on May 26, 2026.

GIMP Vulnerability: Denial of Service and Information Disclosure

CERT-Bund has issued a security advisory for GIMP, detailing a vulnerability that could allow remote attackers to cause a denial of service or disclose information. The advisory provides a CVSS Base Score of 4.4 (medium) and a Temporal Score of 4.1 (medium). Mitigation measures are not yet available.

IBM License Metric Tool Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in IBM License Metric Tool versions prior to 9.2.43. The vulnerabilities, with a CVSS base score of 7.5, could allow remote attackers to disclose information, perform cross-site scripting attacks, or cause a denial of service. Mitigation is available.

BIND Vulnerabilities Allow Remote Denial of Service Attacks

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Internet Systems Consortium BIND software. These vulnerabilities, with a CVSS Base Score of 7.5, could allow remote attackers to perform denial-of-service attacks or bypass security measures. Affected versions include BIND <9.18.47, <9.20.21, and <9.21.20.

FreeRDP Vulnerabilities Allow Remote Code Execution, DoS

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in FreeRDP, a Remote Desktop Protocol implementation. The vulnerabilities could allow remote attackers to execute arbitrary code, cause denial-of-service, or disclose sensitive information. The advisory affects Fedora Linux and Open Source FreeRDP versions prior to 3.24.2.

Linux Kernel Multiple Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in the Linux Kernel, with a base CVSS score of 7.3. The advisory indicates that remote attacks are possible and mitigation measures are available. The affected products include the Open Source Linux Kernel.

FreeBSD OS Vulnerabilities Allow DoS, Code Execution, Bypass

CERT-Bund has issued a security advisory for FreeBSD OS, detailing multiple vulnerabilities with a CVSS base score of 7.5. Exploitation could lead to denial of service, arbitrary code execution, and security bypass. The advisory affects FreeBSD OS versions prior to 15.0, 14.4, and 13.5.

n8n Workflow Tool Critical Vulnerabilities

CERT-Bund has issued a security advisory for the n8n workflow automation tool, highlighting critical vulnerabilities with a CVSS score of 9.9. The advisory affects versions prior to n8n <2.13.4 and warns of potential remote attacks leading to privilege escalation, code execution, and data manipulation.