Alerts

Drupal has released security updates to address several vulnerabilities affecting multiple Drupal products. The addressed vulnerabilities could allow the attacker to conduct cross-site scripting attacks, obtain sensitive information, escalate privileges, manipulate data, execute arbitrary SQL commands, and gain access to the affected products. Samples of the addressed vulnerabilities: 1. Drupal Date iCal Information Disclosure Vulnerability

Mozilla has released an updated Firefox version 151, Firefox ESR versions 115.36 and 140.11 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to conduct denial-of- service and spoofing attacks, obtain sensitive information, bypass security restrictions, gain elevated privileges, execute arbitrary code, and gain access to the affected system. Sample of the

Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, obtain sensitive information, make configuration changes across tenant boundaries with the privileges of the Site Admin user, execute arbitrary code/commands, and gain access to the affected systems. Sample of addressed vulnerabilities:

Microsoft has released a security update to address a critical vulnerability affecting multiple Microsoft Azure products. The addressed vulnerability could allow the remote unauthorized attacker to elevate privileges over a network. The addressed vulnerability: Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability (CVE-2026-42822): CVSS: 10.0 Attack Vector: Network Attack Complexity: Low Privileges Required: None

Google has released an updated Chrome version 148.0.7778.167/168 for Windows and Mac, and version 148.0.7778.167 for Linux. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial-of-service attacks, gain elevated privileges, obtain sensitive information, manipulate data, or execute arbitrary code and gain access to the affected systems. Sample of the addressed vulnerabilities:

Apache Tomcat has released a security update to address several vulnerabilities affecting Apache Tomcat. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, obtain sensitive information, bypass security restrictions, or gain access to the affected system. Sample of the addressed vulnerabilities: 1. Apache Tomcat Digest Authentication Bypass Vulnerability (CVE-2026- 43512): CVSS: 9.8 Attack

Microsoft has released a security update to address a vulnerability affecting Microsoft Exchange Server. The addressed vulnerability could allow attackers to conduct spoofing attacks through a cross-site scripting (XSS) flaw, potentially leading to the execution of arbitrary JavaScript code within the victim’s web browser context. The addressed vulnerability: Microsoft Exchange Server 2016 Spoofing Vulnerability (CVE-2026-42897):

Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privileges, bypass security restrictions, and gain access to the affected systems. Sample of addressed vulnerabilities: 1. Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability (CVE- 2026-20182): CVSS: 10 Attack Vector:

F5 has released security updates to address several vulnerabilities affecting multiple F5 products. The addressed vulnerabilities could allow the attacker to conduct denial-of-service and man-in-the-middle attacks, gain elevated privileges, bypass security restrictions, manipulate files, perform cross-site request forgery (CSRF) attacks, obtain sensitive information, execute arbitrary code/commands, and gain access to the affected systems. Sample of

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected product. Samples of the addressed vulnerabilities: 1. Intel® Data Center Graphics Driver for VMware ESXi Buffer Overflow Vulnerability (CVE-2026-20794): CVSS: 9.3