Chrome Product Security Update Advisory (CVE-2026-11645)
Overview A security update has been released to address a vulnerability in Chrome products. The vulnerability, CVE-2026-11645, is an out-of-bounds read and write vulnerability in Google Chrome’s V8 engine. Affected Versions Chrome versions prior to 149.0.7827.103. Resolution A patch for CVE-2026-11645 is provided through the latest update. Follow the instructions
Spring Product Security Update Advisory (CVE-2026-41842)
Overview A security update has been released to address a vulnerability in Spring products. The vulnerability is a denial-of-service (DoS) vulnerability in the Spring Framework, identified as CVE-2026-41842. Affected Products Spring Framework 7.0.0 through 7.0.7. Spring Framework 6.2.0 through 6.2.18. Spring Framework 6.1.0 through 6.1.27. Spring Framework 5.3.0 through 5.3.48.
Cisco Product Security Update Advisory
Overview Cisco has released security updates to address vulnerabilities in Cisco products. Users of these products should update to the latest version. Affected Versions Cisco ISE and ISE-PIC version 3.3. Cisco ISE and ISE-PIC version 3.4. Cisco ISE version 3.5. Resolved Vulnerabilities CVE-2026-20181: Remote code execution vulnerability in Cisco ISE
F5 Product Security Update Advisory (CVE-2026-42530)
A security update has been released for CVE-2026-42530, a vulnerability discovered in F5 products. The vulnerability is a use-after-free vulnerability in the NGINX ngxhttpv3_module. The affected products are as follows: NGINX Open Source 1.31.0 through 1.31.1. NGINX Instance Manager 2.17.0 through 2.22.0. NGINX Gateway Fabric 2.0.0 through 2.6.3. NGINX Gateway
IBM Product Security Update Advisory (CVE-2026-1718)
IBM has released a security update addressing CVE-2026-1718, a denial-of-service (DoS) vulnerability in IBM Db2. Affected versions include IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4. This vulnerability is described as a denial-of-service issue caused by a specially crafted query during the execution of an AUTONOMOUS procedure. IBM
Fortinet Product Security Update Advisory
Fortinet has released a security update to address vulnerabilities discovered in the FortiOS and FortiSandbox product families. CVE-2025-53844 is an out-of-bounds write vulnerability in FortiOS. Affected FortiOS versions are 7.6.0 through 7.6.3, 7.4.0 through 7.4.8, and 7.2.0 through 7.2.11. The patched versions are FortiOS 7.6.4 or later, 7.4.9 or later,
VMware Product Security Update Advisory
Overview Security updates addressing vulnerabilities in VMware products have been released. The affected products are VMware NSX, VMware Cloud Foundation, VMware Telco Cloud Infrastructure, and VMware Telco Cloud Platform. Resolved Vulnerabilities CVE-2025-22243. CVE-2025-22244. CVE-2025-22245. All three vulnerabilities are stored cross-site scripting (stored XSS) vulnerabilities in VMware NSX (a vulnerability where
VMware Product Security Update Advisory (CVE-2025-22249)
Security updates addressing vulnerabilities in VMware products have been released. The affected products are VMware Aria Automation 8.18.x, VMware Cloud Foundation 5.x and 4.x, and VMware Telco Cloud Platform 5.x. The resolved vulnerability is CVE-2025-22249, a DOM-based cross-site scripting (XSS) vulnerability in VMware Aria Automation that exploits the DOM of
Spring Product Security Update Advisory (CVE-2026-47838)
Overview A security update has been released to address vulnerabilities in Spring products. Users of these products should update to the latest version. Affected Products and Scope of Impact Spring Security versions 5.7.0 through 5.7.24. Spring Security versions 5.8.0 through 5.8.26. Spring Security versions 6.3.0 through 6.3.17. Spring Security versions
JCE Product Security Update Advisory (CVE-2026-48907)
A security update has been released to address a remote code execution vulnerability (CVE-2026-48907) in JCE products. Affected products include JCE versions 2.7.x, 2.8.x, and 2.9.x. A Vulnerability Patch is provided in the latest update. Updating to JCE version 2.9.99.6 or later will patch the vulnerability. For JCE versions 2.7.x
