Today’s security landscape was dominated by a high volume of advisories, with 138 reports detailing critical privilege escalation and code execution vulnerabilities across Linux infrastructure, cloud services, and development tools.

High-severity advisories

  • Linux Kernel: Local privilege escalation vulnerability allows attackers to gain unauthorized elevated permissions on the host. WID-SEC-2026-1633
  • Budibase: Multiple flaws permit administrative access, security measure bypass, and sensitive information exposure. WID-SEC-2026-1629
  • FreeBSD: Several vulnerabilities enable code execution with root privileges, security bypass, and sensitive data disclosure. WID-SEC-2026-1628
  • Linux Kernel (Fragnesia): Local vulnerability allows attackers to gain full administrator rights on affected systems. WID-SEC-2026-1530
  • Red Hat (jq and pyOpenSSL): Anonymous attackers can bypass security controls or trigger system-wide denial of service. WID-SEC-2026-1183
  • Epson Printer (Unpatched): Remote attackers can execute arbitrary code or trigger a denial of service on specific models. WID-SEC-2026-1624
  • Google Chrome: Multiple vulnerabilities facilitate remote code execution, security bypass, and unauthorized data manipulation. WID-SEC-2026-1623
  • Drupal Core (PostgreSQL): SQL injection flaw allows remote file manipulation and potential remote code execution. WID-SEC-2026-1620
  • Splunk Enterprise: Flaws enable attackers to manipulate data, cause outages, or expose sensitive administrative information. WID-SEC-2026-1618
  • memcached: Remote vulnerabilities permit authentication bypass and unauthorized access to cached sensitive data. WID-SEC-2026-1615
  • xwiki: Remote attackers can exploit vulnerabilities to expose sensitive system information or manipulate data. WID-SEC-2026-1613
  • Linux Kernel (Updates): Numerous re-issued advisories address various flaws enabling denial of service, memory corruption, and privilege escalation. WID-SEC-2026-0462
  • Red Hat (Lodash): Remote anonymous attackers can exploit a vulnerability to trigger a denial of service. WID-SEC-2026-0362
  • Golang Go: Critical flaws across multiple versions allow arbitrary code execution or security policy bypass. WID-SEC-2026-0345
  • Kiali (OpenShift): Attackers can gain elevated privileges, bypass security, or disrupt service mesh operations. WID-SEC-2026-1513
  • Mozilla Firefox/Thunderbird: Multiple vulnerabilities addressed that permitted code execution, data exposure, and security sandbox escapes. WID-SEC-2026-1503
  • Linux Kernel (Dirty Frag): Local vulnerabilities allow attackers to obtain root administrator privileges. WID-SEC-2026-1430
  • IBM App Connect: Flaws enable remote code execution, cross-site scripting, and unauthorized data manipulation. WID-SEC-2026-1407
  • Red Hat Advanced Cluster Management: Vulnerability allows authenticated attackers to execute arbitrary code or cause system crashes. WID-SEC-2026-1367
  • GnuTLS: Multiple vulnerabilities permit security bypass, information disclosure, and denial of service attacks. WID-SEC-2026-1312
  • Apache Camel: Flaws allow attackers to execute arbitrary code, manipulate data, or expose sensitive information. WID-SEC-2026-1271
  • PackageKit: Local attackers can exploit vulnerabilities to elevate system-level privileges. WID-SEC-2026-1233
  • vLLM/PyTorch: Remote attackers can cause service outages or potentially achieve remote code execution in AI environments. WID-SEC-2025-2666
  • Red Hat OpenShift (gRPC-Go): Vulnerability allows authenticated attackers to bypass critical security controls. WID-SEC-2026-1136
  • Red Hat Ansible: Multiple flaws allow for code execution, data manipulation, and security bypass. WID-SEC-2026-0935
  • Docker: Local attackers can bypass security boundaries to access or expose sensitive container information. WID-SEC-2026-0873
  • FreeRDP: Vulnerabilities permit arbitrary code execution or denial of service during remote desktop sessions. WID-SEC-2026-0725
  • Rsync: Multiple flaws allow for privilege escalation, information disclosure, and security bypass. WID-SEC-2026-1611
  • Atlassian Suite: Critical flaws across Jira, Confluence, and Bitbucket allow for arbitrary code execution and outages. WID-SEC-2026-1608
  • Nvidia GPU Driver: Local flaws enable attackers to escalate privileges, manipulate data, or execute code. WID-SEC-2026-1596
  • Microsoft Defender: Multiple vulnerabilities allow for privilege escalation, code execution, and service disruption. WID-SEC-2026-1603

Other activity

74 lower-severity advisories were issued today, primarily consisting of medium-risk (Mittel) updates for enterprise container images, specialized Python libraries (urllib3), and localized hardware drivers.

Patterns I noticed

A massive volume of updated Linux Kernel and Red Hat Enterprise Linux advisories suggests a coordinated cleanup of core plumbing across the open-source ecosystem. The presence of an unpatched Epson printer vulnerability alongside emerging AI framework (vLLM) flaws highlights the widening gap between legacy hardware maintenance and modern compute-stack security.

  • G-HOST