Serial number: AV26-551
Date: June 5, 2026
Updated: June 9, 2026

On June 4, 2026, Cisco published a security advisory to address a vulnerability in the following product:

• Cisco Catalyst SD-WAN Manager

Update 1

On June 9, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20245 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.

• Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability (CVE-2026-20245)
• Cisco Security Advisories
• CISA KEV: CVE-2026-20245

Serial number: AV26-571
Date: June 9, 2026

On June 9, 2026, HPE published a security advisory to address vulnerabilities in the following products:

• HPE Aruba Networking Management Software (Airwave) – version 8.3.0.6 and prior
• HPE Aruba Networking Private 5G Management Dashboard – all versions

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• HPESBNW05064 rev.1 - Status of NGINX ngx_http_rewrite_module Vulnerability (CVE-2026-42945) in HPE Aruba Networking Products
• HPE Security Bulletin Library

Serial number: AV26-570
Date: June 9, 2026

On June 9, 2026, Adobe published security advisories to address critical vulnerabilities in the following products:

• Adobe Experience Manager (AEM) – version AEM Cloud Service (CS)
• Adobe Experience Manager (AEM) – version 6.5 LTS SP1 and prior
• Adobe Experience Manager (AEM) – version SP24 and prior
• Adobe Experience Manager 6.5 LTS – version SP1 and prior
• Adobe Experience Manager 6.5 – version 6.5.24.0 and prior
• Adobe InDesign – version ID21.3 and prior
• Adobe InDesign – version ID20.5.3 and prior
• Adobe InCopy – version 21.3 and prior
• Adobe InCopy – version 20.5.3 and prior
• Adobe Substance 3D Sampler – version 6.0.0 and prior
• Content Credentials JS SDK – version @contentauth/c2pa-web@0.8.3 and prior
• Content Credentials Rust SDK – version c2pa-v0.85.1 and prior
• Adobe Dreamweaver – version 21.7 and prior
• Adobe Acrobat – version 26.001.21651 and prior
• Adobe Reader – version 26.001.21651 and prior
• Adobe 2024 – version 24.001.30365 and prior
• Adobe ColdFusion 2025 – Update 8 and prior
• Adobe ColdFusion 2023 – Update 19 and prior
• Adobe Format Plugins – version 1.1.52 and prior
• Adobe Campaign Classic – version ACC v7: 7.4.3 build 9394 and prior

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Adobe Security Advisories

Serial number: AV26-569
Date: June 9, 2026

On June 9, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

• .NET 10.0
• .NET 8.0
• .NET 9.0
• ASP.NET
• Azure Connected Machine Agent
• Azure HorizonDB
• Azure Kubernetes Service
• Azure Local
• Azure Logic Apps
• Azure Machine Learning
• Azure Monitor Agent
• Azure Monitor Agent Metrics Extension
• Azure Orbital Spatio
• Azure Privileged Identity Management (PIM)
• Azure Resource Manager
• Azure SDK
• Azure Stack Edge
• Azure Stack HCI
• Azure Virtual Network Gateway
• Copilot Chat
• Linux kernel - Microsoft MANA Network Driver
• M365 Copilot for Desktop
• Microsoft .NET Framework
• Microsoft 365
• Microsoft 365 Copilot
• Microsoft Authenticator
• Microsoft Bing
• Microsoft Confluence SAML SSO plugin
• Microsoft Data Formulator
• Microsoft Defender for Endpoint for Mac
• Microsoft Dynamics 365
• Microsoft Edge
• Microsoft Entra ID
• Microsoft Excel
• Microsoft Excel 2016
• Microsoft Exchange Online
• Microsoft Exchange Server
• Microsoft Global Secure Access (GSA)
• Microsoft Graph
• Microsoft JIRA SAML SSO plugin
• Microsoft Live Share Canvas SDK
• Microsoft Malware Protection Engine
• Microsoft Office
• Microsoft Office 2016
• Microsoft Office 2019
• Microsoft Office 365
• Microsoft Office LTSC
• Microsoft Outlook for iOS
• Microsoft PC Manager
• Microsoft Planetary Computer Pro (GeoCatalog)
• Microsoft Power Pages
• Microsoft PowerPoint for Android
• Microsoft PowerToys
• Microsoft SQL Server 2016
• Microsoft SQL Server 2017
• Microsoft SQL Server 2019
• Microsoft SQL Server 2022
• Microsoft SQL Server 2025
• Microsoft SharePoint Enterprise Server 2016
• Microsoft SharePoint Server 2019
• Microsoft Teams
• Microsoft Visual Studio
• Microsoft Visual Studio 2026
• Microsoft Word
• Microsoft Word 2016
• Nuance PowerScribe 360
• Nuance PowerScribe One
• Office Online Server
• Power Automate for Desktop
• PowerScribe One
• Remote Desktop client
• Visual Studio
• Visual Studio Code
• Windows 10
• Windows 11
• Windows Admin Center
• Windows Admin Center in Azure Portal
• Windows App Client
• Windows Narrator Braille
• Windows Server 2012
• Windows Server 2016
• Windows Server 2019
• Windows Server 2022
• Windows Server 2025

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• June 2026 Security Updates

<

Serial number: AV26-561
Date: June 9, 2026

On June 8, 2026, Google published a security advisory to address vulnerabilities in the following product:

• Stable Channel Chrome for Desktop – versions prior to 149.0.7827.102/.103 (Windows/Mac), and 149.0.7827.102 (Linux)

Google is aware that an exploit for CVE-2026-11645 exists in the wild.

Update 1

On June 9, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-11645 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.

• Google Chrome Security Advisory
• CISA KEV: CVE-2026-11645

Serial number: AV26-568
Date: June 9, 2026

On June 9, 2026, Fortinet published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• FortiSandbox 5.0 – versions 5.0.0 to 5.0.5
• FortiSandbox 4.4 – versions 4.4.0 to 4.4.8
• FortiSandbox Cloud 5.0 – versions 5.0.4 to 5.0.5
• FortiSandbox PaaS 5.0 – versions 5.0.4 through 5.0.5

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Second-Order OS Command Injection via JSON Input on start vnc feature
• Fortinet PSIRT Advisories

Serial number: AV26-567
Date: June 9, 2026

On June 9, 2026, Ivanti published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Ivanti Sentry – versions 10.5.1, 10.6.1, 10.7.0 and prior
• Ivanti Endpoint Manager Mobile – versions 12.9.0, 12.8.0.2, 12.7.0.1 and prior

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523)
• Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-6973 and CVE-2026-10727)
• Ivanti Security Advisories

Serial number: AV26-566
Date: June 9, 2026

On June 9, 2026, Siemens published a security advisory to address vulnerabilities in the following products. Included were updates for the following products:

• SINEC INS – versions prior to V1.0 SP2 Update 6
• Siemens Products – multiple versions and models
• SIPROTEC 5 - CP100 / CP150 / CP200 / CP300 / Devices – all versions
• SIPROTEC 5 Compact 7SX800 (CP050) – all versions
• Totally Integrated Automation Portal (TIA Portal) – all versions

The Cyber Centre encourages users and administrators to review the web links provided, perform the suggested mitigations and apply the necessary updates.

• SSA-860189: Multiple Vulnerabilities in SINEC INS Before V1.0 SP2 Update 6
• SSA-434797: Buffer Overflow Vulnerability in OpenSSL affecting Siemens Products
• SSA-139483: File Upload Vulnerability in SIPROTEC 5 Using DIGSI5 Protocol
• SSA-063511: Insufficient protection of key material in WinCC Certificate Manager
• Siemens Security Advisories

Serial number: AV26-565
Date: June 9, 2026

On June 4, 2026, MISP published a security advisory to address vulnerabilities in the following product:

• MISP (Malware Information Sharing Platform) – versions prior to v2.5.39

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• MISP
• MISP 2.5.39: New Dashboard Experience, Stronger STIX, Sharper Analyst Workflows

Serial number: AV26-564
Date: June 9, 2026

On June 9, 2026, Veeam published a security advisor to address a critical vulnerability in the following product:

• Veeam Backup and Replication – versions prior to 12.3.2.4854

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Vulnerability Resolved in Veeam Backup and Replication 12.3.2.4854
• Veeam Knowledge Base

Serial number: AV26-563
Date: June 9, 2026

On June 8, 2026, Apache published a security advisory to address vulnerabilities in the following product:

• Apache HTTP Server – versions prior to 2.4.68

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Apache HTTP Server 2.4 vulnerabilities
• Apache http Server Project

Serial number: AV26-562
Date: June 9, 2026

On June 9, 2026, SAP published security advisories to address vulnerabilities in the following products:

• SAP NetWeaver AS ABAP and ABAP Platform – versions SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816, SAP_BASIS 918, SAP_BASIS 919
• SAP NetWeaver AS ABAP and ABAP Platform – versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 722EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, 9.18, 91.9
• SAP Commerce Cloud and SAP Data Hub – versions HY_COM 2205, HY_DHUB 2205, COM_CLOUD 2211, 2211-JDK21, DHUB_CLOUD 2211
• SAP NetWeaver Application Server Java (Web Container) – version ENGINEAPI 7.50
• SAP Commerce Cloud – versions HY_COM 2205, COM_CLOUD 2211, 2211-JDK21
• SAP NetWeaver AS ABAP and ABAP Platform – versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816
• ODP Data Replication APIs – versions DW4CORE 200, 300, 400, PI_BASIS 2006_1_700, 701, 702, 731, 740, SAP_BW 750, 816
• SAP S/4HANA – versions S4FND 102, 103, 104, 105, 106, 107, 108, 109
• SAP NetWeaver AS Java (JDBC Test Servlet) – version BI_UDI 7.50
• SAP Wily Introscope Enterprise Manager – version WILY_INTRO_ENTERPRISE 10.8
• SAP MDG (Review Match Groups Application) – versions S4CORE 108, SAP_BASIS 916, SAP_BASIS 917, SAP_ABA 816
• SAP Business Objects Business Intelligence Platform – versions ENTERPRISE 430, 2025, 2027
• SAP Fiori (launchpad) – versions SAP_UI 754, 755, 756, 757, 758, 816
• SAP Business Objects – versions ENTERPRISE 430, 2025, 2027
• SAP NetWeaver AS Java – versions SERVERCORE 7.50, CORE-TOOLS 7.50, J2EE-APPS 7.50

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations, and apply the necessary updates.

• SAP Security Patch Day - June 2026

Serial number: AV26-559
Date: June 8, 2026
Updated: June 9, 2026

On June 8, 2026, Check Point published a security advisory to address a critical vulnerability in the following products:

• Mobile Access / SSL VPN, Remote Access VPN, Spark Firewall – multiple versions
• Security Gateways, Spark Firewall – multiple versions

Check Point has observed active exploitation of this vulnerability.

Update 1

On June 8, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-50751 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)
• Check Point Security
• CISA KEV: CVE-2026-50751

Serial number: AV26-560
Date: June 8, 2026

On June 8, 2026, Broadcom published a security advisory to address vulnerabilities in the following products:

• VMware Cloud Foundation – versions prior to 9.1.0.0
• VMware vSphere Foundation – versions prior to 9.1.0.0
• VMware Cloud Foundation – versions prior to 9.0.2.0 EP2
• VMware vSphere Foundation – versions prior to 9.0.2.0 EP2
• VMware Aria Operations – versions prior to 8.18.7
• VMware Aria Operations – versions prior to 8.18.6
• VMware Cloud Foundation – versions prior to 5.x
• VMware Telco Cloud Platform – versions prior to 5.x

The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.

• VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)
• Security Advisories - VMware Cloud Foundation

Serial number: AV26-558
Date: June 9, 2026

On June 8, 2026, Spring published security advisories to address vulnerabilities in the following products:

• Micrometer / Micrometer-core / jetty11 / jetty12 – multiple versions
• Spring LDAP – multiple versions
• Spring Framework – multiple versions

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• CVE-2026-40984: Micrometer HTTP server instrumentations DoS vulnerability
• CVE-2026-40983: Micrometer gRPC server instrumentation DoS vulnerability
• CVE-2026-41720: Authentication Bypass with Empty Password in Spring LDAP
• CVE-2026-41842: Spring Framework Denial of Service via Versioned Resources in Spring MVC and WebFlux
• Spring Security Advisories

Serial number: AV26-557
Date: June 8, 2026

Between June 1 and 7, 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat CodeReady Linux Builder – multiple versions and platforms
• Red Hat Enterprise Linux – multiple versions and platforms
• Red Hat Enterprise Linux Server – multiple versions and platforms
• Red Hat Enterprise Linux for Real Time – multiple versions and platforms

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Red Hat Security Advisories

Serial number: AV26–556
Date: June 8, 2026

Between June 1 and 7, 2026, CISA published ICS advisories to address vulnerabilities in the following products:

• B&R Industrial Automation GmbH PPT30 Operating System – versions prior to 1.8.0
• Hitachi Energy ITT600 Explorer – version prior to 2.1 SP6
• Hitachi Energy MACH HiDraw – version 9.22 and prior
• Hitachi Energy RTU500 – multiple versions
• NAVTOR NavBox – version 4.16.1.20

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

• CISA ICS Advisories

Serial number: AV26-555
Date: June 8, 2026

Between June 1 and 7, 2026, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS
• Ubuntu 25.10
• Ubuntu 26.04 LTS

The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates.

• Ubuntu Security Notices

Serial number: AV26-554
Date: June 8, 2026

Between June 1 and 7, 2026, Dell published security advisories to address vulnerabilities in multiple products:

• Dell Private Cloud -VMware – versions prior to 01.04.00.00
• PowerSwitch Z9864F-ON – versions prior to v3.5.0
• Dell Automation Platform – versions prior to 2.1.0.0
• Dell VxRail Appliance – versions prior to 8.0.390

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• DSA-2026-242: Security Update for Dell Private Cloud - VMware for Multiple Third-Party Component Vulnerabilities
• DSA-2026-252: Security Update for Dell Networking Products for AMI MegaRAC SPx13
• DSA-2026-244: Security Update for Dell Automation Platform for Multiple Third-Party Component Vulnerabilities
• DSA-2026-245: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities
• Dell Security advisories and notices

Serial number: AV26-553
Date: June 8, 2026

Between June 1 and 7, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Decision Optimization for Cloud Pak for Data – version 5.0 to 5.3.1 - Patch 2 releases
• DevOps Test UI (Test UI) – versions Test UI 11.0 to 11.0.6
• DevOps Test UI (Test UI) – versions Test UI 11.0 to 11.0.7
• FileNet Content Manager – multiple versions
• IBM App Connect Enterprise Certified Containers Operands - multiple versions
• IBM App Connect Operator – multiple versions
• IBM Automation Assets in IBM Cloud Pak for Integration (CP4I) – multiple versions
• IBM Big SQL on Cloud Pak for Data – multiple versions
• IBM Bob – versions 1.0.0, 1.0.1 and 1.0.2
• IBM Business Automation Insights – multiple versions
• IBM Business Automation Workflow traditional and IBM Business Automation Workflow Enterprise Service Bus – multiple versions
• IBM Enterprise Content Management Text Search – multiple versions
• IBM ICP – Discovery – version 5.0.0 to 5.3.1
• IBM InfoSphere Optim Archive Viewer – versions 11.7.0.0 to 11.7.0.13
• IBM Maximo Application Suite - Visual Inspection Component – multiple versions
• IBM Maximo Application Suite – versions 9.0 and 9.1
• IBM Netezza Appliance – versions 1.0.0.0 and 1.0.0.1
• IBM Observability with Instana (OnPrem) – all versions
• IBM Platform Navigator in IBM Cloud Pak for Integration (CP4I) – multiple versions;
• IBM Security QRadar EDR – versions 3.12 to 3.12.24
• IBM Security SOAR – multiple versions
• IBM Sterling Connect:Direct Web Services – versions 6.3.0 to 6.3.0.18
• IBM Sterling Connect:Direct Web Services – versions 6.4.0 to 6.4.0.7
• IBM Sterling Connect:Direct for Microsoft Windows – versions 6.3.0.0 to 6.3.0.6_iFix050
• IBM Sterling Connect:Direct for Microsoft Windows – versions 6.4.0.0 to 6.4.0.4_iFix021
• IBM Storage Scale – versions 6.0.0.0 to 6.0.0.2
• IBM Storage Scale – versions 5.2.0.0 to 5.2.3.7
• IBM Verify Antenna – versions 25.05.0 to 26.03.0
• IBM Verify Identity Access Container – multiple versions
• IBM Verify Identity Access – multiple versions
• IBM WebSphere Application Server – versions 9.0 and 8.5
• IBM WebSphere Remote Server – versions 8.5, 9.0 and 9.1
• Jazz for Service Management – version 1.1.3 to 1.1.3.27
• Maximo AI Service – version 9.1.0
• QRadar AI Assistant – versions 1.0.0 to 1.5.0
• QRadar Log Source Management App – versions 1.0.0 to 7.0.14
• Rational Functional Tester (RFT) – multiple versions

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• IBM Product Security Incident Response

Serial number: AV26-549
Date: June 4, 2026
Updated: June 5, 2026

Between June 2 and 3, 2026, SolarWinds published security advisories to address vulnerabilities in the following products:

• SolarWinds Serv-U – versions prior to 15.5.4 HF1
• SolarWinds Web Help Desk – versions prior to 2026.2

Update 1

On June 5, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-28318 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• SolarWinds Web Help Desk Denial-of-Service Vulnerability (CVE-2026-28299)
• SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability (CVE-2026-28318)
• SolarWinds Security Vulnerabilities
• CISA KEV: CVE-2026-28318

Serial number: AV26-552
Date: June 5, 2026

Between June 2 and 4, 2026, Progress published security advisories to address vulnerabilities in the following products. Included was a critical update for the following:

• Sitefinity CMS and Sitefinity Insight – multiple versions
• Progress Kemp LoadMaster – version GA v7.2.63.1 and prior
• Progress Kemp LoadMaster - version LTSF v7.2.54.17 and prior

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Sitefinity Security Advisory for Addressing Security Vulnerabilities CVE-2026-7312, CVE-2026-7198, CVE-2026-7195, CVE-2026-7201, CVE-2026-7313, May 2026
• LoadMaster Critical Security Bulletin – June 2026 – (CVE-2026-8037, CVE-2026-33691)
• Progress Trust Center

Serial number: AV26–550
Date: June 4, 2026

On June 1, 2026, Docker published a security advisory to address a vulnerability in the following product:

• Docker Desktop – versions prior to 4.76.0

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Docker Desktop Release Notes
• Docker security announcements

Serial number: AV26-548
Date: June 3, 2026

On June 2, 2026, Broadcom published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• VMware Tanzu GemFire Management Console - versions prior to 1.4.5
• VMware Tanzu Data Lake - versions prior to 4.1.0
• VMware Tanzu for Postgres - versions prior to 18.4.0
• VMware Tanzu for Postgres - versions prior to 17.10.0
• VMware Tanzu for Postgres - versions prior to 16.14.0
• VMware Tanzu for Postgres - versions prior to 15.18.0
• VMware Tanzu for Postgres - versions prior to 14.23.0

The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.

• Product Release Advisory - VMware Tanzu GemFire Management Console
• Product Release Advisory - VMware Tanzu Data Lake 4.1.0
• Product Release Advisory - VMware Tanzu for Postgres 18.4.0, 17.10.0, 16.14.0, 15.18.0, 14.23.0
• Security Advisories - VMware Cloud Foundation

Serial number: AV26-547
Date: June 3, 2026

On June 3, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following:

• Cisco Unified Communications Manager (CM) Release 14 – versions prior to 14SU6
• Cisco Unified Communications Manager (CM) Release 15 – versions prior to 15SU5 (Sep 2026) or COP
• Cisco Unified Communications Manager Session Management Edition (CM SME) release 14 – versions prior to 14SU6
• Cisco Unified Communications Manager Session Management Edition (CM SME) release 15 – versions prior to 15SU5 (Sep 2026) or COP

Cisco has indicated that a proof-of-concept exploit code is available for CVE-2026-20230.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
• Cisco Security Advisories

Number: AV26-546
Date: June 3, 2026

On June 3, 2026, Phoenix Contact published a security advisory to address a vulnerability in the following products:

• CHARX SEC-3150 – firmware version prior to 1.9.0
• CHARX SEC-3050 – firmware version prior to 1.9.0
• CHARX SEC-3000 – firmware version prior to 1.9.0

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• VDE-2026-060: Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers (PDF)
• Phoenix Contact Security Advisories

Serial number: AV26-545
Date: June 3, 2026

On June 3, 2026, ABB published a security advisory to address vulnerabilities in the following product:

• T-MAC Plus – versions prior to 4.0-24.

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Vulnerabilities in T-MAC Plus (CVE-2025-14771, CVE-2025-14772, CVE2025-14773, CVE-2025-14774)
• ABB Cyber security alerts and notifications

Serial number: AV26-544
Date: June 3, 2026

On June 2, 2026, Google published a security advisory to address vulnerabilities in the following product:

• Stable Channel Chrome for Desktop – versions prior to 149.0.7827.53/54 (Windows/Mac), and 149.0.7827.53 (Linux)

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.

• Google Chrome Security Advisory

Serial number: AV26-543
Date: June 2, 2026

On June 2, 2026, HPE published security advisories to address vulnerabilities, including some critical ones, in the following products:

• HPE Telco Network Function Virtualization Orchestrator – version 7.6.0 and prior
• HPE Aruba Networking ArubaOS-CX Switches – version 10.16.1000 and prior
• HPE Aruba Networking ArubaOS-CX Switches – version 10.15.0005 and prior
• HPE Aruba Networking ArubaOS-CX Switches – version 10.13.1080 and prior
• HPE Aruba Networking ArubaOS-CX Switches – version 10.16.1000 and prior

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• HPESBNW05062 rev.1 - Status of OpenSSH Keystroke Obfuscation Bypass (CVE-2024-39894) on Aruba OS-CX
• HPESBNW05060 rev.1 - HPE Telco Network Function Virtualization Orchestrator, Multiple Vulnerabilities
• HPE Security Bulletin Library

Serial number: AV26-542
Date: June 2, 2026

On June 2, 2026, Mozilla published a security advisory to address vulnerabilities in the following product:

• Firefox – versions prior to 151.0.3

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Mozilla Foundation Security Advisory 2026-54
• Mozilla Security Advisories

Serial number: AV26-541
Date: June 2, 2026

On May 29, 2026, JetBrains published security advisories to address vulnerabilities in the following products:

• JetBrains IntelliJ IDEA – versions prior to 2026.1.1
• JetBrains TeamCity – versions prior to 2026.1.1 and 2025.11.5
• JetBrains YouTrack – versions prior to 2026.1.13162

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• JetBrains – Fixed security issues

Serial number: AV26-540
Date: June 2, 2026

On June 2, 2026, Siemens published a security advisory to address critical vulnerabilities in the following product:

• RUGGEDCOM RST2428P (6GK6242-6PA00) – versions prior to V4.0

The Cyber Centre encourages users and administrators to review the web links provided, perform the suggested mitigations and apply the necessary updates.

• SSA-253495: Multiple Vulnerabilities in SINEC OS before V4.0
• Siemens Security Advisories

Serial number: AV26-538
Date: June 2, 2026

On June 1, 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.

The vendor indicates that CVE-2025-48595 may be under limited, targeted exploitation.

Update 1
On June 2, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-48595 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Android Security Bulletin
• CISA KEV: CVE-2025-48595

Serial number: AV26-539
Date: June 2, 2026

On June 1, 2026, HP published a security advisory to address a critical vulnerability in the following products:

• HP Poly VVX – versions prior to UCS 6.4.8 – Pending
• HP Poly Trio 8300 – versions prior to UCS 8.1.7
• HP Poly Trio 8500 – versions prior to UCS 7.2.8
• HP Poly Trio 8800 – versions prior to UCS 7.2.8

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, once available.

• Poly Voice – Possible Remote Control of Certain Poly Devices

Serial number: AV26-537
Date: June 2, 2026

On June 2, 2026, Samsung published a security update to address vulnerabilities in the following product:

• Samsung mobile devices – versions prior to SMR-JUN-2026

The most recent security update resolves multiple identified vulnerabilities.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.

• Samsung Security Updates

Serial number: AV26-536
Date: June 1, 2026

On May 29, 2026, Broadcom published a security advisory to address vulnerabilities in the following product. Included were critical updates for the following:

• VMware Tanzu for Valkey – versions prior to 7.2.13
• VMware Tanzu for Valkey – versions prior to 8.0.9
• VMware Tanzu for Valkey – versions prior to 8.1.7
• VMware Tanzu for Valkey – versions prior to 9.0.4

The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.

• Product Release Advisory - VMware Tanzu for Valkey 7.2.13, 8.0.9, 8.1.7, 9.0.4
• Security Advisories - VMware Cloud Foundation

Serial number: AV26-535
Date: June 1, 2026

On June 1, 2026, Qualcomm published a security bulletin to address vulnerabilities affecting Qualcomm products.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Qualcomm Security Bulletin – June

Serial number: AV24-401
Date: July 17, 2024
Updated: June 1, 2026

On July 16, 2024, Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:

• Oracle Analytics
• Oracle Communications Applications
• Oracle Communications
• Oracle Financial Services Application
• Oracle Fusion Middleware
• Oracle MySQL
• Oracle Siebel CRM

Update 1

On June 1, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21182 to their Known Exploited Vulnerabilities (KEV) Database.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Oracle Critical Patch Update Advisory – July 2024
• CISA KEV: CVE-2024-21182

Serial number: AV26-534
Date: June 1, 2026

On May 27, 2026, Plesk published a security advisory to address a vulnerability in the following product:

• Plesk for Linux – versions prior to 18.0.75.1
• Plesk for Linux – versions prior to 18.0.76.2

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Vulnerability CVE-2026-44962 in Plesk's APS Catalog
• Plesk Support

Serial number: AV26-533
Date: June 1, 2026

On June 1, 2026, Ivanti published a security advisory to address a vulnerability in the following products:

• Ivanti Neurons for ITSM (On-Premises) – version 2025.4 and prior
• Ivanti Neurons for ITSM (Cloud) – version 2026.1 and prior

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)
• Ivanti Security Advisories

Serial number: AV26-532
Date: June 1, 2026

On June 1, 2026, Mozilla published a security advisory to address vulnerabilities in the following product:

• Firefox for iOS – versions prior to 151.2

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Mozilla Foundation Security Advisory 2026-53
• Mozilla Security Advisories

Serial number: AV26-531
Date: June 1, 2026

Between May 25 and 31, 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat CodeReady Linux Builder – multiple versions and platforms
• Red Hat Enterprise Linux – multiple versions and platforms
• Red Hat Enterprise Linux Server – multiple versions and platforms
• Red Hat Enterprise Linux for Real Time – multiple versions and platforms

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Red Hat Security Advisories

Serial number: AV26–530
Date: June 1, 2026

Between May 25 and 31, 2026, CISA published ICS advisories to address vulnerabilities in the following products:

• ABB AC500 V2 – versions prior to 2.5.2 and 2.5.3
• ABB Ability Camera Connect – versions prior to 1.5.0.14 and 1.5.0.15
• ABB Ability Zenon – versions 7.50 to 14
• ABB B&R Automation Runtime – versions prior to 6.3 and Q4.93
• ABB EIBPORT V3 KNX (2CLA963710W1001) / (2CSM256242R2001) – versions prior to 3.9.2
• ABB EIBPORT V3 KNX GSM (2CLA963720W1001) – versions prior to 3.9.2
• ABB LVS MConfig – versions 1.4.9.21 and prior
• CP Plus 8 Ch. Network Video Recorder – multiple versions
• Eppendorf BioFlo 320 – all versions
• Frontier X Android application – versions prior to v15.0.0
• Frontier X IOS application– versions prior to v25.0.0
• Frontier X2 – all versions
• Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter – version 7.03T.07
• KMW CCTV Security Cameras – versions KM-IP521 IPCAM_V4.04.91.230307 and KM-IP421 IPCAM_V4.04.53.210416
• MacGregor Voyage Data Recorder (VDR) G4e – versions prior to V5.250
• Schneider Electric EcoStruxure Machine Expert HVAC – versions prior to 1.10.0
• Switch Actuator 4 DU – all versions
• Switch Actuator, door/light 4 DU – all versions
• Terra AC Wallbox – multiple versions and models
• XCharge C6 – version C6

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates if available.

• CISA ICS Advisories

Serial number: AV26-529
Date: June 1, 2026

Between May 25 and 31, 2026, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 24.04 LTS
• Ubuntu 25.10

The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.

• USN-8305-2: Linux kernel (Low Latency) vulnerabilities
• USN-8305-1: Linux kernel (Intel IoTG Real-time) vulnerabilities
• USN-8310-1: Linux kernel (Azure) vulnerabilities
• Ubuntu Security Notices

Serial number: AV26-528
Date: June 1, 2026

Between May 25 and 31, 2026, Dell published security advisories to address vulnerabilities in multiple products:

• PowerEdge Server Chipset Driver – multiple applications and versions
• Data Lakehouse – versions prior to 1.8.0.0
• Dell Enterprise SONiC Distribution – versions prior to 4.5.2
• Dell Unity – versions prior to 5.5.4

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• DSA-2026-232: Security Update for AMD-based PowerEdge Server Chipset Driver Vulnerabilities
• DSA-2026-199: Security Update for Dell Data Lakehouse Multiple Third-Party Component Vulnerabilities
• DSA-2026-241: Security Update for Dell Enterprise SONiC Distribution Vulnerabilities
• DSA-2026-211 -: Security Update for Dell Unity, Dell UnityVSA and Dell Unity XT Security Update for Multiple Vulnerabilities
• Dell Security advisories and notices

Serial number: AV26-527
Date: June 1, 2026

Between May 25 and 31, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• IBM Aspera Enterprise WebApps – versions 1.0.0 to 1.0.2.1
• IBM Business Automation Workflow containers and traditional – multiple versions
• IBM Cloud Pak for Business Automation – multiple versions
• IBM Cloud Pak for Security – versions 1.10.0.0 to 1.10.11.0
• IBM Control Center – multiple versions
• IBM DataStax Enterprise – versions 5.1, 6.7, 6.8 and 6.9
• IBM Edge Application Manager – multiple versions
• IBM Engineering Lifecycle Management - Jazz Foundation – multiple versions
• IBM Library Support for Spring – version 3.3
• IBM License Metric Tool – versions 9.2.0 to 9.2.43
• IBM Maximo Application Suite - Monitor Component – version 9.1.0.0
• IBM Observability with Instana (Agent) – versions Build 1.0.303 to 1.0.318
• IBM Process Mining – versions 2.0.0 to 2.1.1 IF001
• IBM Security SOAR – multiple versions
• IBM Tivoli Application Dependency Discovery Manager – versions 7.3.0.0 to 7.3.0.12
• QRadar Suite Software – versions 1.10.12.0 to 1.11.10.0
• WebSphere Service Registry and Repository – version 8.5

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• IBM Product Security Incident Response

Serial number: AV26-456
Date: May 12, 2026
Updated: June 1, 2026

On May 12, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

• .NET 10.0 installed on Linux
• .NET 10.0 installed on Mac OS
• .NET 10.0 installed on Windows
• .NET 8.0 installed on Linux
• .NET 8.0 installed on Mac OS
• .NET 8.0 installed on Windows
• .NET 9.0 installed on Linux
• .NET 9.0 installed on Mac OS
• .NET 9.0 installed on Windows
• Azure AI Foundry
• Azure Cloud Shell
• Azure Connected Machine Agent
• Azure DevOps
• Azure Logic Apps
• Azure Machine Learning
• Azure Managed Instance for Apache Cassandra
• Azure Monitor Action Group notification system
• Azure Monitor Agent
• Azure Monitor Agent Metrics Extension
• Azure SDK for Java
• Copilot Chat (Microsoft Edge)
• Dynamics 365 Customer Insights
• M365 Copilot for Desktop
• Microsoft .NET Framework 3.5
• Microsoft .NET Framework 3.5 AND 4.7.2
• Microsoft .NET Framework 3.5 AND 4.8
• Microsoft .NET Framework 3.5 AND 4.8.1
• Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
• Microsoft .NET Framework 4.8
• Microsoft 365
• Microsoft 365 Copilot for Android
• Microsoft 365 Copilot's Business Chat
• Microsoft Confluence SAML SSO plugin
• Microsoft Data Formulator
• Microsoft Dynamics 365
• Microsoft Dynamics 365 Business Central
• Microsoft Edge (Chromium-based)
• Microsoft Enterprise Security Token Service (ESTS)
• Microsoft Excel 2016
• Microsoft Excel for Android
• Microsoft JIRA SAML SSO plugin
• Microsoft Office 2016
• Microsoft Office 2019
• Microsoft Office LTSC 2021
• Microsoft Office LTSC 2024
• Microsoft Office LTSC for Mac 2021
• Microsoft Office LTSC for Mac 2024
• Microsoft Office for Android
• Microsoft Outlook for iOS
• Microsoft Partner Center
• Microsoft PowerPoint for Android
• Microsoft SQL Server 2016
• Microsoft SQL Server 2017
• Microsoft SQL Server 2019
• Microsoft SQL Server 2022
• Microsoft SQL Server 2025
• Microsoft SharePoint Enterprise Server 2016
• Microsoft SharePoint Server 2019
• Microsoft SharePoint Server Subscription Edition
• Microsoft Teams
• Microsoft Teams for Android
• Microsoft Visual Studio 2017
• Microsoft Visual Studio 2019
• Microsoft Visual Studio 2022
• Microsoft Visual Studio 2026
• Microsoft Word 2016
• Microsoft Word for Android
• Office Online Server
• Power Automate for Desktop
• Visual Studio Code
• Visual Studio Code - Live Preview extension
• Windows 10
• Windows 11
• Windows Admin Center
• Windows Admin Center in Azure Portal
• Windows Server 2012
• Windows Server 2016
• Windows Server 2019
• Windows Server 2025

Update 1

On May 21, 2026, Microsoft published an out-of-band (OOB) security update to address CVE-2026-45659, an additional vulnerability impacting Microsoft SharePoint Enterprise Server 2019, Microsoft SharePoint Server 2016 and Microsoft SharePoint Server Subscription Edition. The CVE was inadvertently omitted from the May 2026 Security Updates.

Update 2

Open-source reporting indicates that CVE-2026-41089 is being exploited in the wild.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• May 2026 Security Updates
• Security Update Guide
• Microsoft SharePoint Remote Code Execution Vulnerability CVE-2026-45659
• Windows Netlogon Remote Code Execution Vulnerability CVE-2026-41089

Serial number: AV26-462
Date: May 13, 2026
Updated: May 29, 2026

On May 13, 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:

• PAN-OS 12.1 – versions prior to 12.1.4-h5
• PAN-OS 12.1 – versions prior to 12.1.7
• PAN-OS 11.2 – multiple versions
• PAN-OS 11.1 – multiple versions
• PAN-OS 10.2 – multiple versions

Update 1

On May 29, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-0257 to their Known Exploited Vulnerabilities (KEV) Database.

Impacted products for CVE-2026-0257:

• PAN-OS 12.1 – versions prior to 12.1.4-h6
• PAN-OS 12.1 – versions prior to 12.1.7
• PAN-OS 11.2 – multiple versions
• PAN-OS 11.1 – multiple versions
• PAN-OS 10.2 – multiple versions
• Prisma Access 11.2.0 – versions prior to 11.2.7-h13
• Prisma Access 10.2.0 – versions prior to 10.2.10-h36

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

• CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
• CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution
• CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing
• Palo Alto Network Security Advisories
• CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities
• CISA KEV: CVE-2026-0257

Number: AL26-013
Date: May 29, 2026

Audience

This Alert is intended for IT professionals and managers.

Purpose

An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.

Details

On May 18, 2026, GitHub detected unauthorized access to its internal systems originating from a compromised employee device^{Footnote 1}. The intrusion was facilitated by a maliciously modified version of the Nx Console Visual Studio Code extension (version 18.95.0)^{Footnote 2}. The attacker successfully exfiltrated approximately 3,800 internal GitHub repositories, containing proprietary source code and internal configuration data. GitHub Enterprise Server customers are advised to follow vendors recommendations. No action is required for GitHub Enterprise Cloud clients.

In response to this security incident, and the release of the GitHub Security Notification, the Cyber Centre released AV26-512 on May 27, 2026^{Footnote 3}.

The purpose of this alert is to increase awareness of the reported incident and to take necessary measures.

Suggested actions

The Cyber Centre suggests the following actions:

• Monitor for compromise by reviewing CI/CD (Continuous Integration/Continuous Deployment) logs for unexpected repository access/cloning, unauthorized admin actions, authentication/access control changes, unauthorized pushes or orphan commits, and suspicious commits after May 18, 2026 — especially from bot/service accounts (e.g., ci-bot, build-bot).
• Remove Nx Console v18.95.0 from all environments and downgrade/upgrade to a known good version (18.94.0 or 18.96.0+).
• If the malicious version of Nx Console is present:
  • Check macOS systems for ~/.local/share/kitty/cat.py and related persistence (launch agents)
  • Immediately rotate all credentials (AWS, GCP, Azure, GitHub, npm) exposed on developer machines between May 11–20, 2026.
• Strengthen controls by disabling IDE extension auto-updates in high-security environments and enforcing an approved allowlist of developer tools.
• Rotate GitHub Enterprise Server GPG (GNU Privacy Guard) public keys per vendor guidance, as future patches/releases require the new key before installation.

In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions with an emphasis on the following topics^{Footnote 4}.

• Patch operating systems and applications
• Harden operating systems and applications
• Isolate web-facing applications

Should activity matching the content of this alert be discovered, recipients are encouraged to report via My Cyber Portal, or email contact@cyber.gc.ca.

Serial number: AV26-526 
Date: May 29, 2026

On May 28, 2026, Oracle published a security advisory to address critical vulnerabilities in the following products:

• Oracle Communications Unified Assurance - versions 6.1.1 to 7.0.0
• Oracle Database Server - versions 23.4.0 to 23.26.2
• Oracle E-Business Suite - versions 12.2.3 to 12.2.15
• Oracle Hospitality OPERA 5 Property Services - versions 5.6.19.24, 5.6.22, 5.6.25.19, 5.6.27.6 and 5.6.28
• Oracle REST Data Services - versions 24.2.0 to 26.1.0

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• Oracle Critical Security Patch Update Advisory - May 2026
• Oracle Critical Patch Updates, Security Alerts and Bulletins