Today’s security landscape is dominated by 152 advisories, featuring a critical flaw in GNU libc and a massive wave of Linux Kernel updates alongside significant remote code execution risks in Microsoft and IBM enterprise services.

High-severity advisories

  • GNU libc: Critical flaws allow remote anonymous attackers to manipulate files, cause Denial of Service, or perform unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1190
  • Apache CXF: Remote anonymous attackers can execute arbitrary code, manipulate data, and disclose confidential information. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1659
  • Cisco Secure Workload: Vulnerability enables remote anonymous attackers to escalate privileges to administrator level. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1658
  • Oracle Linux: Multiple vulnerabilities allow attackers to trigger Denial of Service conditions or execute arbitrary code. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1657
  • Sparx Systems Enterprise Architect: Unpatched vulnerability allows remote authenticated attackers to bypass security measures. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1655
  • IBM App Connect Enterprise: Flaws allow remote anonymous code execution, data manipulation, XSS, and Denial of Service. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1654
  • Microsoft SharePoint Server: Authenticated remote attackers can execute code on SharePoint Server 2016, 2019, and Subscription Edition. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1652
  • Microsoft Azure: Multiple vulnerabilities allow information disclosure, privilege escalation, and arbitrary code execution. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1649
  • LiteLLM: Authenticated remote attackers can exploit multiple flaws to escalate privileges. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1647
  • Evince: Remote anonymous attackers can exploit a vulnerability to execute arbitrary code. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1641
  • Ubiquiti UniFi OS Server: Flaws allow code execution, security bypass, data manipulation, and information disclosure. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1639
  • Linux Kernel (WID-SEC-2025-0499): Vulnerabilities allow Denial of Service or other unspecified impacts. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0499
  • Linux Kernel (WID-SEC-2025-0461): Flaws facilitate Denial of Service attacks and unspecified system effects. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0461
  • Linux Kernel (WID-SEC-2025-0453): Remote attackers can compromise confidentiality, integrity, and availability. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0453
  • Linux Kernel (WID-SEC-2025-0732): Attackers can cause Denial of Service or execute unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0732
  • Linux Kernel (WID-SEC-2025-0698): Remote anonymous attackers can trigger Denial of Service or other impacts. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0698
  • Linux Kernel (WID-SEC-2025-0649): Remote anonymous attackers can cause Denial of Service or unspecified effects. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0649
  • Linux Kernel (WID-SEC-2025-0545): Attackers can trigger Denial of Service or cause unspecified impacts. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0545
  • Linux Kernel (WID-SEC-2026-1279): Flaws allow DoS, privilege escalation, code execution, or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1279
  • Linux Kernel (WID-SEC-2026-1232): Attackers can escalate privileges, cause Denial of Service, or trigger unspecified impacts. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232
  • Linux Kernel (WID-SEC-2026-0324): Vulnerabilities enable unspecified attacks potentially leading to DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0324
  • Linux Kernel (WID-SEC-2026-0215): Flaws allow unspecified attacks, potentially causing DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0215
  • Linux Kernel (WID-SEC-2026-0086): Attackers can perform unspecified attacks leading to DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0086
  • Linux Kernel (WID-SEC-2025-2929): Vulnerabilities facilitate unspecified attacks resulting in DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2929
  • Linux Kernel (WID-SEC-2025-2920): Multiple flaws allow unspecified attacks leading to DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2920
  • Linux Kernel (WID-SEC-2025-2868): Attackers can exploit flaws to cause DoS or memory corruption via unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2868
  • Linux Kernel (WID-SEC-2025-2756): Vulnerabilities allow Denial of Service or other unspecified impacts. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2756
  • Linux Kernel (WID-SEC-2025-2579): Flaws enable unspecified attacks that may cause DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2579
  • Linux Kernel (WID-SEC-2025-2431): Local attackers can execute code, escalate privileges, steal information, or crash systems. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2431
  • Linux Kernel (WID-SEC-2025-1988): Attackers can trigger Denial of Service or cause unspecified impacts. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1988
  • Linux Kernel (WID-SEC-2025-1858): Flaws allow Denial of Service or other unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1858
  • Linux Kernel (WID-SEC-2025-1653): Remote anonymous attackers can cause DoS or execute unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1653
  • Linux Kernel (WID-SEC-2025-1517): Attackers can cause Denial of Service or other unspecified effects. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1517
  • Linux Kernel (WID-SEC-2026-0421): Vulnerabilities enable unspecified attacks resulting in DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0421
  • Linux Kernel (Dirty Frag): Local attackers can exploit vulnerabilities to gain full administrative privileges. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1430
  • Microsoft Entra ID & Azure Resource Manager: Remote anonymous attackers can exploit vulnerabilities to escalate privileges. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1636
  • Microsoft Power Pages: Remote anonymous attackers can exploit a vulnerability to execute arbitrary code. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1634
  • IBM App Connect Enterprise Certified Container: Flaws allow code execution, security bypass, XSS, and data manipulation. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1407
  • IBM App Connect Enterprise (File manipulation): Remote anonymous attackers can manipulate files and cause Denial of Service. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1220
  • IBM App Connect Enterprise (fast-xml-parser): Remote anonymous attackers can cause DoS or bypass security for XSS attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0772
  • Rsync: Multiple flaws allow privilege escalation, information disclosure, security bypass, and Denial of Service. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1611
  • Mozilla Firefox & Thunderbird: Flaws allow code execution, info disclosure, sandbox escape, and user spoofing. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1606
  • PostgreSQL: Multiple vulnerabilities allow code execution, DoS, info disclosure, data manipulation, and SQL injection. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1544
  • Linux Kernel (Fragnesia): Local attackers can exploit a vulnerability to obtain administrative rights. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1530
  • NGINX Open Source & Plus: Remote anonymous attackers can bypass security, execute code, and manipulate data. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1527
  • Kiali for Red Hat OpenShift: Flaws in Axios and Go components allow privilege escalation and security bypass. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1513
  • Mozilla Firefox: Multiple vulnerabilities allow code execution, security bypass, and data manipulation. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1503
  • AMD Processors: Vulnerabilities allow privilege escalation, code execution with admin rights, and data manipulation. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1482
  • dnsmasq: Multiple flaws allow root code execution, Denial of Service, and malicious domain redirection. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1468
  • cPanel & WHM: Authenticated remote attackers can gain root privileges, execute code, or cause Denial of Service. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1441
  • PHP: Multiple flaws facilitate code execution, SQL injection, XSS, and data manipulation. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1433
  • Apache HTTP Server: Attackers can escalate privileges, execute code, bypass security, or cause DoS. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1354
  • Mozilla Thunderbird & Firefox ESR: Vulnerabilities enable privilege escalation, Denial of Service, and information disclosure. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1228
  • Kemp LoadMaster & MOVEit WAF: Vulnerabilities allow arbitrary code execution or security bypass. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1185
  • RHEL (perl-xml-parser): Remote anonymous attackers can cause Denial of Service or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1055
  • RHEL (Cockpit): Remote anonymous attackers can exploit a vulnerability to execute arbitrary code. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1052
  • cPanel (perl-YAML-Syck): Remote anonymous attackers can execute code or trigger Denial of Service. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0939
  • docker: Local attackers can bypass security measures and disclose information. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0873
  • Linux Kernel (WID-SEC-2026-0861): Flaws allow DoS, security bypass, info disclosure, and potential code execution. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861
  • cPanel & WHM (WID-SEC-2026-0835): Remote anonymous attackers can bypass security, perform XSS/SSRF, and execute code. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0835
  • Intel IPU & UEFI Firmware: Local attackers can disclose sensitive info or escalate privileges via firmware flaws. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0666
  • Golang Go (WID-SEC-2026-0548): Vulnerabilities enable unspecified attacks against systems running Go-based applications. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0548
  • Trend Micro Apex One: Attackers can execute arbitrary code and escalate privileges. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0509
  • Linux Kernel (WID-SEC-2026-0462): Flaws allow unspecified attacks potentially causing DoS or memory corruption. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0462
  • Golang Go (WID-SEC-2026-0345): Attackers can execute arbitrary code or bypass security measures. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0345
  • Oracle MySQL: Remote attackers can compromise confidentiality, integrity, and availability. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0168
  • cPanel & WHM (Privilege Escalation): Local attackers can exploit a vulnerability to increase their permissions. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2710
  • cPanel & WHM (PostgreSQL/Perl): Attackers can manipulate files and disclose confidential information. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2329
  • Golang Go (WID-SEC-2025-2227): Flaws allow Denial of Service or other unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2227
  • cPanel & WHM (Code Execution): Attackers can execute code, cause DoS, or perform unspecified attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1887
  • PHP (DoS/SSRF): Attackers can trigger Denial of Service or Server-Side Request Forgery attacks. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1460
  • ClamAV: Remote anonymous attackers can trigger a Denial of Service condition. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1362
  • Roundcube: Authenticated remote attackers can execute arbitrary code via a specific vulnerability. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1208
  • Perl: Flaw allows Denial of Service and potentially arbitrary code execution. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0791
  • PHP (WID-SEC-2025-0566): Attackers can manipulate data, execute code, disclose info, or trigger DoS. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0566
  • Exim: Vulnerability facilitates SQL injection attacks by remote attackers. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0413
  • Rsync (WID-SEC-2025-0084): Attackers can disclose info, escalate privileges, and manipulate data. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0084
  • Google Chrome & Microsoft Edge: Multiple vulnerabilities allow code execution, DoS, and data manipulation. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1623
  • Linux Kernel (Privilege Escalation): Local attackers can exploit a flaw to gain elevated privileges. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1633
  • FreeBSD OS: Flaws allow privilege escalation, root code execution, and security bypass. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1628

Other activity

The remaining 72 advisories focus on medium and low-severity vulnerabilities across a wide array of software, including MariaDB, various Python libraries (e.g., Cryptography, Django), and specialized enterprise tools. These primarily concern local privilege escalation, Cross-Site Scripting (XSS), and Denial of Service (DoS) scenarios that require specific preconditions or authentication, presenting a lower immediate risk compared to the high-severity remote exploits listed above.

Patterns I noticed

The massive volume of Linux Kernel updates today indicates a broad synchronization of patches for critical memory corruption and privilege escalation flaws across multiple versions. I am also observing a recurring pattern of "anonymous remote code execution" vulnerabilities in core enterprise infrastructure like Apache CXF and IBM App Connect, suggesting that legacy XML/SOAP-based services remain a primary target for perimeter breaches.

  • G-HOST