RSS Parrot

2026-004: Critical Vulnerability in SharePoint Exploited

https://cert.europa.eu/publications/security-advisories/2026-004/

Published: March 25, 2026 08:51

On 17 March 2026, Microsoft updated one of its January 2026 security advisories related to a remote code execution vulnerability in Microsoft SharePoint. Specifically, Microsoft raised the CVSS score and changed the FAQ section to indicate that the…

2026-003: Multiple Vulnerabilities in Citrix NetScaler and Citrix ADC

https://cert.europa.eu/publications/security-advisories/2026-003/

Published: March 23, 2026 19:03

On 23 March 2026, Citrix published a security advisory addressing multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway. These vulnerabilities may lead to sensitive information disclosure and user session mix-up under specific…

2026-002: Multiple Vulnerabilities in Cisco Products

https://cert.europa.eu/publications/security-advisories/2026-002/

Published: February 26, 2026 19:38

On 25 February 2026, Cisco released security advisories addressing multiple high and critical severity vulnerabilities in Cisco Catalyst SD-WAN controllers and Cisco SD-WAN Manager. If exploited, these vulnerabilities could allow attackers to gain…

2026-001: Critical vulnerabilities in Ivanti EPMM

https://cert.europa.eu/publications/security-advisories/2026-001/

Published: January 30, 2026 10:09

On 29 January 2026, Ivanti released a security advisory addressing two critical vulnerabilities in their EPMM products. An attacker could exploit those flaws to achieve unauthenticated remote code execution on the vulnerable device. One of these…

2025-042: Critical Vulnerability in Cisco Secure Email and Web Manager

https://cert.europa.eu/publications/security-advisories/2025-042/

Published: December 18, 2025 10:08

On December 17, 2025, Cisco released a security advisory for a critical vulnerability affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager products. It is recommended to follow Cisco's recommendations to check whether vulnerable…

2025-041: Critical Security Vulnerability in React Server Components

https://cert.europa.eu/publications/security-advisories/2025-041/

Published: December 4, 2025 14:50

On December 3, 2025, the React Team publicly disclosed a critical security vulnerability affecting React Server Components (RSC) and related packages. The vulnerability allows for unauthenticated remote code execution (RCE) via maliciously crafted HTTP…

2025-040: Critical Vulnerability in Windows Server Update Service (WSUS)

https://cert.europa.eu/publications/security-advisories/2025-040/

Published: October 24, 2025 18:42

On October 23, 2025, Microsoft released an out-of-band update to address a critical vulnerability in Windows Server Update Service (WSUS). This vulnerability could allow a remote unauthenticated attacker to execute code on the targeted systems. A…

2025-039: High Severity Vulnerability in FortiOS

https://cert.europa.eu/publications/security-advisories/2025-039/

Published: October 15, 2025 20:41

On October 14, 2025, Fortinet released a security advisory addressing a high severity vulnerability in its FortiOS product. It is recommended updating affected products.

2025-038: Critical Vulnerabilities in Veeam Backup

https://cert.europa.eu/publications/security-advisories/2025-038/

Published: October 15, 2025 20:40

On October 14, 2025, Veeam released a security advisory addressing multiple vulnerabilities including 2 critical in its Veeam Backup product. CERT-EU recommends updating affected software as soon as possible and following Veeam implementation best…

2025-037: Multiple Vulnerabilities in F5 Products

https://cert.europa.eu/publications/security-advisories/2025-037/

Published: October 15, 2025 19:01

On October 15, 2025, F5 disclosed that a sophisticated nation-state actor breached its systems and maintained long-term persistent access into F5's infrastructure. This included access to BIG-IP product development source code and to information related to…