Alerts

Ivanti has released security updates to fix several vulnerabilities across multiple Ivanti products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privileges, perform SQL injection attacks, manipulate data, or conduct remote code execution attacks. Sample of the addressed vulnerabilities: 1. Ivanti Xtraction Information Disclosure Vulnerability (CVE-2026-8043): CVSS: 9.6 Attack Vector:

Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed 120 flaws across multiple products. Microsoft has addressed multiple vulnerabilities in this release that could allow attackers to gain elevated privileges, perform spoofing attacks, bypass security restrictions, obtain sensitive information, conduct denial-of-service attacks, or execute arbitrary code and

Fortinet has released security updates to fix several vulnerabilities affecting multiple Fortinet products. The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, bypass security restrictions, obtain sensitive information, gain elevated privileges, execute unauthorized code or commands, and gain access to the affected system via specially crafted requests. Sample of the addressed vulnerabilities: 1.

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released security updates to address vulnerabilities across multiple SAP products, including SAP S/4HANA, SAP BusinessObjects Business Intelligence Platform, SAP NetWeaver Application Server, SAP Commerce Cloud, SAP HANA, SAP Financial Consolidation, and SAP Incentive and Commission Management. The addressed vulnerabilities could

Mozilla has released an updated Firefox version 150.0.2, Firefox ESR versions 115.35.2 and 140.10.2 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform denial-of- service attacks, execute arbitrary code, and gain access to the affected systems. Sample of the addressed vulnerabilities: 1. Mozilla Firefox Incorrect Boundary Conditions in The Audio/Video:

Microsoft has released security updates to address several vulnerabilities affecting multiple Microsoft products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, conduct spoofing attacks, execute arbitrary code, or gain elevated privileges on the affected systems. Sample of the addressed vulnerabilities: 1. Microsoft Azure DevOps Information Disclosure Vulnerability (CVE-2026- 42826): CVSS: 10.0 Attack

Palo Alto Networks has released a security update to address a critical vulnerability affecting Palo Alto PAN-OS versions 12.1, 11.2, 11.1, and 10.2. The addressed vulnerability could allow the remote attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The addressed vulnerability: PAN-OS: Unauthenticated User-Initiated

OpenSSL has released security updates to address several vulnerabilities affecting OpenSSL Software Services. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, execute arbitrary code, or obtain sensitive information from the affected system. Sample of the addressed vulnerabilities: 1. OpenSSL Hexadecimal Conversion Heap Buffer Overflow Vulnerability (CVE- 2026-31789): CVSS: 9.8 Attack Vector: Network

Progress Software Corporation has released a security update to fix two vulnerabilities affecting MOVEit Automation. The addressed vulnerabilities could allow the attacker to gain elevated privileges or bypass authentication and gain access to the affected system. The addressed vulnerabilities: 1. Progress MOVEit Automation Authentication Bypass Vulnerability (CVE- 2026-4670): CVSS: 9.8 Attack Vector: Network Attack Complexity:

Apache Tomcat has released a security update to address several vulnerabilities affecting Apache Tomcat. The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform request smuggling attacks, obtain sensitive information from server logs, or redirect victims to attacker-controlled sites to perform phishing or other social engineering attacks. Sample of the addressed vulnerabilities: 1.

cPanel has released a security update to address a vulnerability in cPanel software and WebHost Manager (WHM) affecting all versions after 11.40. The addressed vulnerability could allow the remote unauthorized attacker to bypass authentication and gain access to the affected systems. The addressed vulnerability: cPanel & WHM Login Flow Authentication Bypass Vulnerability (CVE-2026- 41940): CVSS: