EG-FinCIRT

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

The post Mozilla Firefox Security Updates – 21 May 2026 appeared first on EG-FinCIRT.

Cisco Security Updates – 21 May 2026

Thu, 21 May 2026 06:46:55 +0000

145/2026

Critical

May 21, 2026

9:46 am

Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products.

The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, obtain sensitive information, make configuration changes across tenant boundaries with the privileges of the Site Admin user, execute arbitrary code/commands, and gain access to the affected systems.

Sample of addressed vulnerabilities:

1. Cisco Secure Workload Unauthorized API Access Vulnerability (CVE-2026-20223):

CVSS: 10
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Gain Access

2. Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability (CVE-2026-20171):

CVSS: 6.8
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Consequences: Denial of Service

The affected products:

Cisco Secure Workload Cluster Software.
Cisco ThousandEyes Virtual Appliance.
Cisco ThousandEyes BrowserBot.
Cisco Nexus 3000 Series and 9000 Series Switches.

Vulnerabilities

CVE-2026-20223
CVE-2026-20199
CVE-2026-20206
CVE-2026-20171

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

The post Cisco Security Updates – 21 May 2026 appeared first on EG-FinCIRT.

F5 Security Update – 20 May 2026

Wed, 20 May 2026 08:54:58 +0000

144/2026

High

May 20, 2026

11:54 am

F5 has released a security update to address a vulnerability across F5 NGINX JavaScript (njs).

The addressed vulnerability could allow the remote attacker to perform denial of service (DoS) attacks on the NGINX system, or to possibly trigger code execution.

The addressed vulnerability:

NGINX ngx_Http_Js_Module Denial of Service Vulnerability (CVE-2026-8711):

CVSS: 8.1
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Consequences: Denial of Service

Vulnerabilities

CVE-2026-8711

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

The post F5 Security Update – 20 May 2026 appeared first on EG-FinCIRT.

Microsoft Security Update – 20 May 2026

Wed, 20 May 2026 08:46:08 +0000

143/2026

High

May 20, 2026

11:46 am

Microsoft has released security updates to address several vulnerabilities affecting multiple Microsoft products.

The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, bypass security restrictions, execute arbitrary code, or gain elevated privileges on the affected systems.

Sample of the addressed vulnerabilities:

1. Microsoft Defender Remote Code Execution Vulnerability (CVE-2026-45584):

CVSS: 8.1
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Consequences: Remote Code Execution

2. Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability (CVE-2026-42834):

CVSS: 7.8
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Gain Privileges

Sample of the affected products:

Windows Admin Center in Azure Portal.
Microsoft Malware Protection Engine.
Microsoft Defender Antimalware Platform.

Vulnerabilities

CVE-2026-45584
CVE-2026-45585
CVE-2026-45498
CVE-2026-41091
CVE-2026-42834

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

The post Microsoft Security Update – 20 May 2026 appeared first on EG-FinCIRT.

Microsoft Security Update -19 May 2026

Tue, 19 May 2026 08:37:51 +0000

142/2026

Critical

May 19, 2026

11:37 am

Microsoft has released a security update to address a critical vulnerability affecting multiple Microsoft Azure products.

The addressed vulnerability could allow the remote unauthorized attacker to elevate privileges over a network.

The addressed vulnerability:

Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability (CVE-2026-42822):

CVSS: 10.0
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Gain Privileges

The affected products:

Azure Resource Manager.
Azure Local.

Vulnerabilities

CVE-2026-42822

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

Google Chrome Security Updates

The post Microsoft Security Update -19 May 2026 appeared first on EG-FinCIRT.

Google Chrome Security Updates – 18 May 2026

Mon, 18 May 2026 08:21:27 +0000

141/2026

Critical

May 18, 2026

11:21 am

Google has released an updated Chrome version 148.0.7778.167/168 for Windows and Mac, and version 148.0.7778.167 for Linux.

The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial-of-service attacks, gain elevated privileges, obtain sensitive information, manipulate data, or execute arbitrary code and gain access to the affected systems.

Sample of the addressed vulnerabilities:

1. Google Chrome UI Use-After-Free Vulnerability (CVE-2026-8511):

CVSS: 9.6
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Consequences: Security Bypass

2. Google Chrome Skia Integer Overflow Vulnerability (CVE-2026-8510):

CVSS: 7.5
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Consequences: Data Manipulation

Vulnerabilities

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Google Chrome Security Updates

References

Google Chrome Security Updates

The post Google Chrome Security Updates – 18 May 2026 appeared first on EG-FinCIRT.

Linux Security Updates – 17 May 2026

Sun, 17 May 2026 06:17:23 +0000

140/2026

High

May 17, 2026

9:17 am

Linux has released security updates to address several vulnerabilities in Linux Kernel.

The addressed vulnerabilities could allow the attacker to perform denial of service attacks, obtain sensitive information, or gain elevated privileges on the affected system.

Sample of the addressed vulnerabilities:

1. Linux Kernel Local Privilege Escalation Vulnerability (CVE-2026-46300):

CVSS: 7.8
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Gain Privileges

2. Linux Kernel Local Information Disclosure Vulnerability (CVE-2026-46333):

CVSS: 7.8
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Obtain Information

It should be highlighted that security researchers disclosed a proof-of-concept (PoC) exploit that exists in the wild for the vulnerability “CVE-2026-46300”.

Vulnerabilities

CVE-2026-46300
CVE-2026-46333
CVE-2026-8449

Mitigations

The enterprise should deploy the patches as soon as the testing phase is completed and should check with its vendors for updates, if any.

Below is a sample of the distributors’ fixes:

References

The post Linux Security Updates – 17 May 2026 appeared first on EG-FinCIRT.

Grafana Security Updates – 17 May 2026

Sun, 17 May 2026 06:07:34 +0000

139/2026

High

May 17, 2026

9:07 am

Grafana has released security updates to fix several vulnerabilities across multiple Grafana products.

The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, obtain sensitive information, gain elevated privileges, manipulate files, or bypass security restrictions on the affected systems.

Sample of the addressed vulnerabilities:

1. Grafana Auth Proxy IPv6 Whitelist Bypass Vulnerability (CVE-2026-33376):

CVSS: 7.4
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Consequences: Security Bypass

2. Dashboard Import Overwrites ACL — Editor Privilege Escalation to Dashboard Admin Vulnerability (CVE-2026-33377):

CVSS: 7.1
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Gain Privileges

Vulnerabilities

CVE-2026-33376
CVE-2026-28380
CVE-2026-33377
CVE-2026-33378
CVE-2026-28376
CVE-2026-28383
CVE-2026-28374
CVE-2026-33380
CVE-2026-33381
CVE-2026-28379

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Grafana Security Advisory

References

Grafana Security Advisory

The post Grafana Security Updates – 17 May 2026 appeared first on EG-FinCIRT.

Apache Tomcat Security Update – 17 May 2026

Sun, 17 May 2026 06:02:17 +0000

138/202

Critical

May 17, 2026

9:02 am

Apache Tomcat has released a security update to address several vulnerabilities affecting Apache Tomcat.

The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, obtain sensitive information, bypass security restrictions, or gain access to the affected system.

Sample of the addressed vulnerabilities:

1. Apache Tomcat Digest Authentication Bypass Vulnerability (CVE-2026- 43512):

CVSS: 9.8
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Gain Access

2. Apache Tomcat HTTP/2 Request Header Validation Vulnerability (CVE-2026- 41293):

CVSS: 9.8
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Bypass Security

Vulnerabilities

CVE-2026-43512
CVE-2026-43513
CVE-2026-43514
CVE-2026-43515
CVE-2026-42498
CVE-2026-41293
CVE-2026-41284

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Apache Tomcat Security Advisory

References

Apache Tomcat Security Advisory

The post Apache Tomcat Security Update – 17 May 2026 appeared first on EG-FinCIRT.

Apple Security Updates – 17 May 2026

Sun, 17 May 2026 05:55:09 +0000

137/2026

High

May 17, 2026

8:55 am

Apple has released security updates to address multiple vulnerabilities across macOS Tahoe, macOS Sequoia, macOS Sonoma, and Safari.

The addressed vulnerabilities could allow the attacker to conduct denial-ofservice attacks, gain elevated privileges, obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to affected systems.

Sample of the addressed vulnerabilities:

1. Apple Safari Use-After-Free Vulnerability (CVE-2026-28947):

CVSS: 8.8
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Consequences: Denial of Service

2. Apple macOS Disclose Sensitive User Information Vulnerability (CVE-2026- 28995):

CVSS: 7.5
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Obtain Information

Vulnerabilities

Apple Security Advisory

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Apple Security Advisory

References

Apple Security Advisory

The post Apple Security Updates – 17 May 2026 appeared first on EG-FinCIRT.

Microsoft Security Update – 15 May 2026

Fri, 15 May 2026 12:38:26 +0000

136/2026

High

May 15, 2026

3:38 pm

Microsoft has released a security update to address a vulnerability affecting Microsoft Exchange Server.

The addressed vulnerability could allow attackers to conduct spoofing attacks through a cross-site scripting (XSS) flaw, potentially leading to the execution of arbitrary JavaScript code within the victim’s web browser context.

The addressed vulnerability:

Microsoft Exchange Server 2016 Spoofing Vulnerability (CVE-2026-42897):

CVSS: 8.1
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Consequences: Cross-Site Scripting

The affected products:

Microsoft Exchange Server 2016.
Microsoft Exchange Server 2019.
Microsoft Exchange Server Subscription Edition RTM.

It should be highlighted that Microsoft is aware that the vulnerability “CVE-2026- 42897” is being exploited in the wild.

Vulnerabilities

CVE-2026-42897

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

The post Microsoft Security Update – 15 May 2026 appeared first on EG-FinCIRT.

Cisco Security Updates – 15 May 2026

Fri, 15 May 2026 12:26:48 +0000

135/2026

Critical

May 15, 2026

3:26 pm

Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products.

The addressed vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privileges, bypass security restrictions, and gain access to the affected systems.

Sample of addressed vulnerabilities:

1. Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability (CVE- 2026-20182):

CVSS: 10
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Security Bypass

2. Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability (CVE-2026-20224):

CVSS: 8.6
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Obtain Information

The affected products:

Cisco Catalyst SD-WAN Controller.
Cisco Catalyst SD-WAN Manager.

It should be highlighted that Cisco is aware that the vulnerability “CVE-2026- 20182” is being exploited in the wild.

Vulnerabilities

CVE-2026-20182
CVE-2026-20224
CVE-2026-20209
CVE-2026-20210

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

Palo Alto Security Advisory

The post Cisco Security Updates – 15 May 2026 appeared first on EG-FinCIRT.

Palo Alto Security Updates – 14 May 2026

Thu, 14 May 2026 12:14:09 +0000

133/2026

High

May 14, 2026

3:14 pm

Palo Alto has released security updates to address several vulnerabilities affecting multiple Palo Alto products.

The addressed vulnerabilities could allow the attacker to conduct denial-of-service and man-in-the middle attacks, bypass security restrictions, obtain sensitive information, manipulate data, gain elevated privileges, perform stored cross-site scripting, execute arbitrary code/commands, and gain access to the affected systems.

Sample of the addressed vulnerabilities:

1. PAN-OS: Remote Code Execution in IKEv2 Processing Vulnerability (CVE-2026- 0263):

CVSS: 7.2
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Consequences: Remote Code Execution

2. PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) Enabled Vulnerability (CVE-2026-0265):

CVSS: 7.2
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Security Bypass

Sample of the affected products:

PAN-OS.
Prisma Access & Prisma Access Agent (Endpoint DLP).
WildFire WF-500 and WF-500-B.
GlobalProtect App.

Vulnerabilities

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Palo Alto Security Advisory

References

Palo Alto Security Advisory

The post Palo Alto Security Updates – 14 May 2026 appeared first on EG-FinCIRT.

Aruba Security Updates – 14 May 2026

Thu, 14 May 2026 12:00:53 +0000

132/2026

High

May 14, 2026

3:00 pm

HPE Aruba has released security updates to fix several vulnerabilities affecting multiple HPE Aruba products.

The addressed vulnerabilities could allow the remote attacker to perform SQL injection, conduct denial of service attacks, manipulate data, obtain sensitive information, gain elevated privileges, or execute arbitrary code and gain access to the affected product.

Sample of the addressed vulnerabilities:

1. Error in SSID Processing allows Stored XSS in AOS Web Interface Vulnerability (CVE-2026-23819):

CVSS: 8.8
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Consequences: Data Manipulation

2. Unauthenticated Denial-of-Service in Network Protocol Handling Component Vulnerability (CVE-2026-23824):

CVSS: 7.5
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Denial of Service

The affected products:

HPE Aruba Networking Mobility Conductors/ Controllers.
HPE Aruba Networking WLAN and SD-WAN Gateways Managed by HPE Aruba Networking Central.
HPE Aruba Networking Access Points running AOS-8 Instant.
HPE Aruba Networking Access Points running AOS-10 AP.

Vulnerabilities

Aruba Security Advisory

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

Aruba Security Advisory

References

Aruba Security Advisory

The post Aruba Security Updates – 14 May 2026 appeared first on EG-FinCIRT.

cPanel Security Updates – 14 May 2026

Thu, 14 May 2026 11:44:18 +0000

131/2026

High

May 14, 2026

2:44 pm

cPanel has released security updates to address several vulnerabilities affecting multiple cPanel & WHM versions, as well as the third-party mail transfer agent Exim.

The addressed vulnerabilities could allow the attacker to conduct denial-of-service or man-in-the-middle attacks, obtain sensitive information, gain elevated privileges, execute arbitrary code, and gain access to the affected products.

Sample of the addressed vulnerabilities:

1. cPanel & WHM/WP2 Unsafe Symlink Handling Vulnerability (CVE-2026-29203):

CVSS: 8.8
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Denial of Service

2. cPanel & WHM/WP2 Disabled SSL Verification in the DNS Cluster System Vulnerability (CVE-2026-32992):

CVSS: 8.2
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Man-in-the-Middle

Vulnerabilities

CVE-2026-29201
CVE-2026-29202
CVE-2026-29203
CVE-2026-29205
CVE-2026-29206
CVE-2026-32991
CVE-2026-32992
CVE-2026-32993
CVE-2026-40684
CVE-2026-40685
CVE-2026-40686
CVE-2026-40687

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

cPanel Security

References

cPanel Security

The post cPanel Security Updates – 14 May 2026 appeared first on EG-FinCIRT.

Mozilla Firefox Security Update – 14 May 2026

Thu, 14 May 2026 11:34:09 +0000

130/2026

High

May 14, 2026

2:34 pm

Mozilla has released an updated Firefox version 150.0.3 to fix multiple vulnerabilities.

The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, bypass security restrictions, or execute arbitrary code and gain access to the affected system.

Sample of the addressed vulnerabilities:

Mozilla Firefox Use-After-Free in the JavaScript: WebAssembly Component (CVE- 2026-8390):

CVSS: 7.3
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Consequences: Gain Access

Vulnerabilities

CVE-2026-8388
CVE-2026-8389
CVE-2026-8390
CVE-2026-8391
CVE-2026-8401

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References

The post Mozilla Firefox Security Update – 14 May 2026 appeared first on EG-FinCIRT.

F5 Security Updates – 14 May 2026

Thu, 14 May 2026 10:33:02 +0000

129/2026

Critical

May 14, 2026

1:33 pm

F5 has released security updates to address several vulnerabilities affecting multiple F5 products.

The addressed vulnerabilities could allow the attacker to conduct denial-of-service and man-in-the-middle attacks, gain elevated privileges, bypass security restrictions, manipulate files, perform cross-site request forgery (CSRF) attacks, obtain sensitive information, execute arbitrary code/commands, and gain access to the affected systems.

Sample of the addressed vulnerabilities:

1. BIG-IP iControl REST Vulnerability (CVE-2026-41225):

CVSS: 9.1
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Consequences: Security Bypass

2. BIG-IP and BIG-IQ Configuration Utility Vulnerability (CVE-2026-41957):

CVSS: 8.8
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Consequences: Gain Access

Sample of the affected products:

BIG-IP and BIG-IP PEM.
BIG-IQ.
NGINX Plus, NGINX Open Source, and NGINX Instance Manager.
F5 WAF for NGINX.
NGINX Ingress Controller.

Vulnerabilities

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

References