Critical Vulnerability in F5 Traffix SDC

A critical vulnerability has been discovered in F5 Traffix SDC, linked to Apache Tomcat, which could allow attackers to gain unauthorized access to compromised systems.

Security Updates - NVIDIA

NVIDIA has released security updates to address multiple vulnerabilities in the NVIDIA Container Toolkit and NVIDIA GPU Operator.

Critical Vulnerability in FortiSwitch Devices

A critical vulnerability (CVE-2023-37936) has been discovered in multiple versions of Fortinet FortiSwitch devices. This vulnerability, classified as a use of hard-coded cryptographic key [CWE-321], allows a remote unauthenticated attacker in possession of the key to execute unauthorized code via crafted cryptographic request.

Critical Vulnerabilities in Ivanti Products

Ivanti has released security updates to address multiple vulnerabilities, including critical and high-severity issues in Ivanti Endpoint Manager (EPM), Ivanti Avalanche and Ivanti Application Control Engine.

Critical Vulnerability in FortiOS and FortiProxy

Fortinet has identified a severe vulnerability in FortiOS and FortiProxy that allows unauthenticated remote attackers to bypass authentication mechanisms and gain “super-admin” privileges.

Security Updates - Adobe

Adobe has released important security updates to fix several vulnerabilities in its products. If these issues are exploited by attackers, they could allow harmful code to run on your system, potentially compromising it.

Security Updates - SAP

SAP released 14 new Security Notes as part of its monthly Security Patch Day. These patches address critical vulnerabilities in various SAP products and components, improving the overall security posture of SAP environments. The vulnerabilities covered in this update could potentially allow attackers to exploit security weaknesses, leading to unauthorized access, data breaches, or system disruptions.

Security Updates – Juniper Junos OS

Juniper Networks has recently disclosed two high-severity vulnerabilities in their Junos OS and Junos OS Evolved systems: CVE-2025-21598 and CVE-2025-21599. These vulnerabilities are critical because they can be exploited by unauthenticated attackers, posing a significant risk of Denial of Service (DoS) attacks and network-wide disruptions.Both vulnerabilities have been assigned a CVSSv3 score of 7.5, indicating high severity.

Actively Exploited Command Injection Vulnerability in BeyondTrust Software

A critical command injection vulnerability, identified as CVE-2024-12686, has been discovered in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) software. This vulnerability is actively being exploited in ongoing attacks. It allows attackers with administrative privileges to inject malicious operating system commands, which could lead to a complete system compromise.