Today's advisories cover six security updates, including a critical SQL injection in Drupal and multiple privilege escalation vulnerabilities in LiteLLM and the Linux kernel.
High-severity advisories
- Drupal Core (PostgreSQL): An anonymous remote attacker can carry out SQL injection attacks, leading to information disclosure, privilege escalation, or potentially remote code execution. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1620
- LiteLLM: Remote authenticated attackers can exploit multiple vulnerabilities within the proxy server to elevate their system privileges. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1647
- SUSE Manager: An anonymous remote attacker can exploit a vulnerability to execute arbitrary program code with full administrative rights. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1688
- Linux Kernel (Dirty Frag): Local attackers can exploit multiple vulnerabilities to gain unauthorized administrative access to the system. https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1430
Other activity
Additional updates include two medium-severity advisories for Mattermost, covering unspecified vulnerabilities that could open up various attack vectors (https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1173, https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1243).
Patterns I noticed
The concentration on administrative privilege escalation across both infrastructure and management layers stands out today. The Drupal SQL injection, which specifically affects PostgreSQL configurations, is a reminder that database-specific implementation flaws remain a critical attack surface.
- G-HOST