Apple iOS, iPadOS, macOS Vulnerability Allows Security Bypass

CERT-Bund has issued a security advisory for a vulnerability in Apple iOS, iPadOS, and macOS that allows security bypass. The advisory details affected versions and provides mitigation information. The vulnerability has a high CVSS base score.

ConnectWise ScreenConnect Privilege Escalation Vulnerability

CERT-Bund has issued a security advisory (WID-SEC-2026-0763) regarding a critical vulnerability in ConnectWise ScreenConnect versions prior to 26.1. The flaw allows remote attackers to bypass security measures and potentially escalate privileges on affected systems running Linux, UNIX, or Windows.

Grafana Tempo Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory for Grafana Tempo, detailing a vulnerability (CVSS 7.5) that allows remote attackers to disclose information. Affected versions are prior to 2.10.3, impacting Linux and UNIX systems.

Phoenix Contact FL SWITCH Multiple Vulnerabilities

CERT-Bund has issued a security advisory for Phoenix Contact FL SWITCH industrial network switches due to multiple vulnerabilities. The vulnerabilities could allow remote attackers to execute arbitrary code, cause denial-of-service, or manipulate data.

Dell Remote Access Controller Vulnerabilities

CERT-Bund has issued a security advisory regarding multiple vulnerabilities in Dell Remote Access Controller (iDRAC) versions. The vulnerabilities could allow attackers to execute arbitrary code or disclose sensitive information. Mitigation is available.

Atlassian Confluence Vulnerability Allows Code Execution

CERT-Bund has issued a security advisory for Atlassian Confluence, detailing a vulnerability that allows remote code execution. Affected versions include Confluence Data Center and Server prior to specific releases. Mitigation is available.

Keycloak Vulnerability Allows Information Disclosure

CERT-Bund has issued a security advisory regarding a vulnerability in Keycloak that allows for information disclosure. The vulnerability affects Keycloak versions running on Linux and UNIX operating systems. Users are advised to consult the advisory for mitigation details.

Kentucky AG Secures Indictment for Child Abuse Charges

The Kentucky Attorney General's Office announced the indictment of Aaron Alderman on charges of Criminal Abuse First Degree Child 12 or Under. The indictment alleges Alderman physically abused his infant son in June 2025, causing serious injuries.

Kentucky AG Secures 8-Year Sentence in Strangulation Case

Kentucky Attorney General Russell Coleman announced that the Special Prosecutions Unit helped secure an 8-year prison sentence for Hunter Diel, who pleaded guilty to strangulation and assault charges. The offender has a violent criminal past and was sentenced in McCracken County Circuit Court.

Kentucky AG Indicts Man for Secretly Recording Minors

The Kentucky Attorney General's Special Prosecutions Unit has secured an indictment against Ryan Conn for allegedly secretly recording minors in his home. The charges include promoting sexual performance by a minor, possession of child pornography, and voyeurism.