Today’s security landscape is dominated by 121 advisories, featuring a critical Node.js update and 59 high-severity alerts across Microsoft’s cloud suite, the Linux kernel, and foundational web infrastructure.

High-severity advisories

  • Node.js (Critical): Multiple vulnerabilities allow remote code execution, privilege escalation, and data manipulation.
  • Microsoft SharePoint Server: Authenticated remote attackers can execute arbitrary code on 2016 and 2019 versions.
  • Microsoft Azure: Multiple flaws across Azure and Azure Stack permit information disclosure, privilege escalation, and code execution.
  • Microsoft Power Pages: A vulnerability allows anonymous remote attackers to execute arbitrary program code.
  • Microsoft Entra ID & Azure Resource Manager: Multiple vulnerabilities enable remote privilege escalation for anonymous attackers.
  • Google Chrome & Microsoft Edge: Various flaws permit remote code execution, security bypass, and denial of service.
  • Linux Kernel: Local attackers can exploit the "Fragnesia" vulnerability to gain full administrator privileges.
  • NGINX Open Source & Plus: Multiple vulnerabilities allow code execution, security bypass, and denial of service.
  • PostgreSQL: Flaws enable arbitrary code execution, SQL injection, and unauthorized data manipulation.
  • Mozilla Firefox & Thunderbird: Multiple critical flaws enable remote code execution and sandbox escapes.
  • Microsoft 365 Copilot: Anonymous remote attackers can exploit vulnerabilities to execute code and disclose confidential information.
  • Docker Desktop Model Runner: Specific vulnerabilities in AI model execution components allow for remote code execution.
  • Roundcube Webmail: Multiple flaws allow SQL injection, security bypass, and remote code execution.
  • Rsync: Vulnerabilities allow privilege escalation, information disclosure, and denial of service attacks.
  • BusyBox: Attackers on adjacent networks can exploit a vulnerability to execute code or trigger a DoS.
  • Wireshark: Multiple vulnerabilities permit remote code execution and sensitive information disclosure.
  • CODESYS: Industrial control vulnerabilities allow privilege escalation and denial of service.
  • IBM QRadar SIEM: Multiple flaws enable remote code execution and privilege escalation within the security platform.
  • Evince: Anonymous remote attackers can exploit a vulnerability to execute arbitrary program code.
  • xz & jq: Critical command-line utilities face vulnerabilities allowing code execution and denial of service.

Other activity

The remaining 61 advisories primarily address medium-severity updates for Red Hat Enterprise Linux dependencies, Oracle Java SE components, and specialized IBM container services. These updates focus on mitigating denial-of-service risks and minor information leaks across legacy kernel branches and secondary library integrations.

Patterns I noticed

There is a significant concentration of vulnerabilities in Microsoft’s cloud and AI-integrated services, particularly Copilot and Azure Resource Manager. The resurgence of vulnerabilities in foundational utilities like Rsync, xz, and BusyBox highlights a continued focus by researchers on the "supply chain" of core Linux tooling.

  • G-HOST