home.social

#advisory — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #advisory, aggregated by home.social.

  1. #OT #Advisory VDE-2026-059
    Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

    Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
    #CVE CVE-2026-40851, CVE-2026-40852

    certvde.com/en/advisories/vde-

    #CSAF helmholz.csaf-tp.certvde.com/.

  2. #OT #Advisory VDE-2026-059
    Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

    Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
    #CVE CVE-2026-40851, CVE-2026-40852

    certvde.com/en/advisories/vde-

    #CSAF helmholz.csaf-tp.certvde.com/.

  3. #OT #Advisory VDE-2026-059
    Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

    Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
    #CVE CVE-2026-40851, CVE-2026-40852

    certvde.com/en/advisories/vde-

    #CSAF helmholz.csaf-tp.certvde.com/.

  4. #OT #Advisory VDE-2026-054
    MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

    Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
    #CVE CVE-2026-40851, CVE-2026-40852

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

  5. #OT #Advisory VDE-2026-054
    MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

    Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
    #CVE CVE-2026-40851, CVE-2026-40852

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

  6. #OT #Advisory VDE-2026-054
    MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

    Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
    #CVE CVE-2026-40851, CVE-2026-40852

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

  7. #OT #Advisory VDE-2026-058
    Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

    Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
    #CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

    certvde.com/en/advisories/vde-

    #CSAF helmholz.csaf-tp.certvde.com/.

  8. #OT #Advisory VDE-2026-058
    Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

    Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
    #CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

    certvde.com/en/advisories/vde-

    #CSAF helmholz.csaf-tp.certvde.com/.

  9. #OT #Advisory VDE-2026-058
    Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

    Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
    #CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

    certvde.com/en/advisories/vde-

    #CSAF helmholz.csaf-tp.certvde.com/.

  10. #OT #Advisory VDE-2026-044
    MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

    Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
    #CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

  11. #OT #Advisory VDE-2026-044
    MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

    Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
    #CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

  12. #OT #Advisory VDE-2026-044
    MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

    Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
    #CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

  13. #OT #Advisory VDE-2026-050
    Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files

    This advisory addresses security issues in PLCnext firmware versions prior to 2026.0.3 that are related to APP handling and the processing of configuration files. The identified vulnerabilities affect APP installation authenticity as well as the handling of configuration data in writable directories. Successful exploitation may allow authenticated attackers with different privilege levels to compromise integrity, availability, and system security of affected PLCnext Control. Both issues are resolved starting with PLCnext firmware version 2026.0.3.
    #CVE CVE-2025-41669, CVE-2025-41670

    certvde.com/en/advisories/vde-

    #CSAF phoenixcontact.csaf-tp.certvde

  14. #OT #Advisory VDE-2026-050
    Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files

    This advisory addresses security issues in PLCnext firmware versions prior to 2026.0.3 that are related to APP handling and the processing of configuration files. The identified vulnerabilities affect APP installation authenticity as well as the handling of configuration data in writable directories. Successful exploitation may allow authenticated attackers with different privilege levels to compromise integrity, availability, and system security of affected PLCnext Control. Both issues are resolved starting with PLCnext firmware version 2026.0.3.
    #CVE CVE-2025-41669, CVE-2025-41670

    certvde.com/en/advisories/vde-

    #CSAF phoenixcontact.csaf-tp.certvde

  15. #OT #Advisory VDE-2026-050
    Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files

    This advisory addresses security issues in PLCnext firmware versions prior to 2026.0.3 that are related to APP handling and the processing of configuration files. The identified vulnerabilities affect APP installation authenticity as well as the handling of configuration data in writable directories. Successful exploitation may allow authenticated attackers with different privilege levels to compromise integrity, availability, and system security of affected PLCnext Control. Both issues are resolved starting with PLCnext firmware version 2026.0.3.
    #CVE CVE-2025-41669, CVE-2025-41670

    certvde.com/en/advisories/vde-

    #CSAF phoenixcontact.csaf-tp.certvde

  16. #OT #Advisory VDE-2026-053
    METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

    Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
    #CVE CVE-2026-33636, CVE-2026-33416

    certvde.com/en/advisories/vde-

    #CSAF mettler-toledo.csaf-tp.certvde

  17. #OT #Advisory VDE-2026-053
    METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

    Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
    #CVE CVE-2026-33636, CVE-2026-33416

    certvde.com/en/advisories/vde-

    #CSAF mettler-toledo.csaf-tp.certvde

  18. #OT #Advisory VDE-2026-053
    METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

    Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
    #CVE CVE-2026-33636, CVE-2026-33416

    certvde.com/en/advisories/vde-

    #CSAF mettler-toledo.csaf-tp.certvde

  19. #OT #Advisory VDE-2026-009
    JUMO: Multiple products affected by nodejs vulnerability

    A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the Node.js qs module, limits for incoming request parameters are not properly enforced. As a result, an attacker can send specially crafted requests containing excessively large or deeply nested arrays, causing the web server to become unresponsive. This condition leads to a crash of the web server, followed by an automatic restart of the device.
    #CVE CVE-2025-15284

    certvde.com/en/advisories/vde-

    #CSAF jumo.csaf-tp.certvde.com/.well

  20. #OT #Advisory VDE-2026-009
    JUMO: Multiple products affected by nodejs vulnerability

    A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the Node.js qs module, limits for incoming request parameters are not properly enforced. As a result, an attacker can send specially crafted requests containing excessively large or deeply nested arrays, causing the web server to become unresponsive. This condition leads to a crash of the web server, followed by an automatic restart of the device.
    #CVE CVE-2025-15284

    certvde.com/en/advisories/vde-

    #CSAF jumo.csaf-tp.certvde.com/.well

  21. #OT #Advisory VDE-2026-009
    JUMO: Multiple products affected by nodejs vulnerability

    A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the Node.js qs module, limits for incoming request parameters are not properly enforced. As a result, an attacker can send specially crafted requests containing excessively large or deeply nested arrays, causing the web server to become unresponsive. This condition leads to a crash of the web server, followed by an automatic restart of the device.
    #CVE CVE-2025-15284

    certvde.com/en/advisories/vde-

    #CSAF jumo.csaf-tp.certvde.com/.well

  22. #OT #Advisory VDE-2026-057
    CODESYS Control - Out-of-bounds Write

    Successful exploitation allows an unauthenticated remote attacker to trigger an out-of-bounds write, causing the CODESYS Control Runtime to crash and resulting in a denial of service on the affected device.
    #CVE CVE-2026-8047

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  23. #OT #Advisory VDE-2026-057
    CODESYS Control - Out-of-bounds Write

    Successful exploitation allows an unauthenticated remote attacker to trigger an out-of-bounds write, causing the CODESYS Control Runtime to crash and resulting in a denial of service on the affected device.
    #CVE CVE-2026-8047

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  24. #OT #Advisory VDE-2026-057
    CODESYS Control - Out-of-bounds Write

    Successful exploitation allows an unauthenticated remote attacker to trigger an out-of-bounds write, causing the CODESYS Control Runtime to crash and resulting in a denial of service on the affected device.
    #CVE CVE-2026-8047

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  25. #OT #Advisory VDE-2026-056
    CODESYS Control - Incorrect Authorization

    The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.
    #CVE CVE-2026-8046

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  26. #OT #Advisory VDE-2026-056
    CODESYS Control - Incorrect Authorization

    The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.
    #CVE CVE-2026-8046

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  27. #OT #Advisory VDE-2026-056
    CODESYS Control - Incorrect Authorization

    The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.
    #CVE CVE-2026-8046

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  28. #OT #Advisory VDE-2026-055
    CODESYS Development System - Incorrect Default Permissions

    Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
    #CVE CVE-2026-44469, CVE-2026-44468

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  29. #OT #Advisory VDE-2026-055
    CODESYS Development System - Incorrect Default Permissions

    Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
    #CVE CVE-2026-44469, CVE-2026-44468

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  30. #OT #Advisory VDE-2026-055
    CODESYS Development System - Incorrect Default Permissions

    Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
    #CVE CVE-2026-44469, CVE-2026-44468

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  31. Laravel-Lang Supply Chain Attack: Every Tag Across Multiple Composer Packages Rewritten to Steal CI Secrets

    A supply chain attack on Laravel-Lang involved rewriting all git tags across four Composer packages to inject a secret-stealing payload that triggers during the PHP autoload process.

    **If your project uses any Laravel-Lang Composer packages (laravel-lang/lang, http-statuses, actions, or attributes), do not run `composer update` and check whether your lockfile points to a tag pulled on or after May 22, 2026. If you did, assume every secret reachable from that build environment (CI tokens, cloud keys, GitHub PATs, deploy keys, database credentials) is stolen and rotate them all immediately. Block the domain flipboxstudio.info at your DNS and firewall, and only restore builds by pinning to a pre-attack commit SHA you've verified against a local clone.**
    #cybersecurity #infosec #advisory #databreach
    beyondmachines.net/event_detai

  32. #OT #Advisory VDE-2026-052
    CODESYS Visualization - Insufficiently Protected Credentials

    A vulnerability in the CODESYS Visualization login dialog has been identified. During logins within the CODESYS Visualization, authentication data may not be sufficiently isolated when multiple users perform login operations concurrently.
    #CVE CVE-2026-0393

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  33. #OT #Advisory VDE-2026-052
    CODESYS Visualization - Insufficiently Protected Credentials

    A vulnerability in the CODESYS Visualization login dialog has been identified. During logins within the CODESYS Visualization, authentication data may not be sufficiently isolated when multiple users perform login operations concurrently.
    #CVE CVE-2026-0393

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  34. #OT #Advisory VDE-2026-052
    CODESYS Visualization - Insufficiently Protected Credentials

    A vulnerability in the CODESYS Visualization login dialog has been identified. During logins within the CODESYS Visualization, authentication data may not be sufficiently isolated when multiple users perform login operations concurrently.
    #CVE CVE-2026-0393

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

  35. Linux Kernel Race Condition 'ssh-keysign-pwn' Exposes SSH Keys and Shadow Passwords

    A six-year-old Linux kernel race condition (CVE-2026-46333) allows local attackers to steal SSH private keys and password hashes by hijacking file descriptors during process termination. The flaw affects major distributions including Ubuntu and Debian, and a public exploit is available.

    **Apply the latest Linux kernel patches ASAP to all affected systems (Ubuntu 22.04/24.04/26.04, Debian 13, Arch, CentOS 9, Raspberry Pi OS, CloudLinux 8/9/10), and rotate all SSH host keys on systems that allowed shell access to untrusted users. Until patched, restrict local shell access to trusted users only and monitor for suspicious use of pidfd_getfd or SUID binaries like ssh-keysign and chage.**
    #cybersecurity #infosec #advisory #vulnerability
    beyondmachines.net/event_detai

  36. Google Chrome 148 Patches 79 Vulnerabilities Including 14 Critical Flaws

    Google released Chrome 148 to patch 79 vulnerabilities, including 14 critical flaws primarily involving use-after-free and memory corruption issues across all major platforms.

    **One more huge patch for Chrome and Chromium based browsers (Edge, Opera, Brave, Vivaldi...). Don't delay, it has 14 critical flaws and a whole list bunch of others. Don't debate the severity, it's pointless. Updating the browser is easy, all your tabs reopen after the patch.**
    #cybersecurity #infosec #advisory #vulnerability
    beyondmachines.net/event_detai

  37. Authentication Bypass Flaw in Palo Alto Networks PAN-OS Sparks Severity Dispute

    Palo Alto Networks disclosed a high-severity authentication bypass vulnerability (CVE-2026-0265) in PAN-OS affecting firewalls and Panorama appliances using Cloud Authentication Service. The flaw allows unauthenticated attackers to bypass security controls on management interfaces and GlobalProtect portals.

    **Make sure all PAN-OS firewall and Panorama management interfaces are isolated from the internet and accessible only from trusted internal networks. If you use Cloud Authentication Service (CAS), upgrade PAN-OS to a fixed version ASAP, or as a temporary fix switch the authentication profile to SAML or RADIUS until you can patch.**
    #cybersecurity #infosec #advisory #vulnerability
    beyondmachines.net/event_detai

  38. Windows BitLocker and CTFMON Zero-Day Vulnerabilities Reported

    A researcher released two unpatched zero-day vulnerabilities, YellowKey and GreenPlasma, which allow attackers to bypass BitLocker encryption with physical access to the devices and escalate system privileges on Windows 11 and Server environments.

    **If you use Windows 11 or Windows Server 2022/2025, set a custom BitLocker PIN and a strong BIOS password to block unauthorized booting from USB or external media. Educate users to limit physical access to their devices until Microsoft releases official fixes.**
    #cybersecurity #infosec #advisory #vulnerability
    beyondmachines.net/event_detai

  39. Critical Path Traversal Vulnerability in Ivanti Xtraction

    Ivanti released a critical security update for Xtraction to patch a path traversal vulnerability CVE-2026-8043) that allows authenticated attackers to read sensitive files and write malicious HTML content.

    **Patch your Xtraction instances to version 2026.2 immediately and verify that Multi-Factor Authentication is active for all users. Even though this requires authentication, assume attackers can easily find low-level credentials.**
    #cybersecurity #infosec #advisory #vulnerability
    beyondmachines.net/event_detai