<?xml version="1.0" encoding="UTF-8"?><feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en"><id>https://cyber.gc.ca/api/cccs/atom/v1/get?feed=alerts_advisories&amp;lang=en</id><link rel="self" href="https://cyber.gc.ca/api/cccs/atom/v1/get?feed=alerts_advisories&amp;lang=en"/><title>Alerts and advisories</title><updated>2026-07-15T19:20:48Z</updated><entry><id>https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-706</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-706"/><title><![CDATA[Cisco security advisory (AV26-706)]]></title><updated>2026-07-15T19:20:48Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7993" about="/en/alerts-advisories/cisco-security-advisory-av26-706" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-706<br /><strong>Date:</strong> July 15, 2026</p>

<p>On July 15, 2026, Cisco published security advisories to address vulnerabilities in the following products:</p>

<ul><li>Cisco RoomOS Release 11 and earlier On-Premises Operation – versions prior to 11.32.6.0</li>
	<li>Cisco RoomOS Release 11 and earlier Cloud-Aware Operation – versions prior to RoomOS 11.39.1.1</li>
	<li>Cisco RoomOS Release 26 On-Premises Operation – versions prior to 26.5.2.2</li>
	<li>Cisco RoomOS Release 26 Cloud-Aware Operation – versions prior to RoomOS June 2026 (26.7.1.7)</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.</p>

<ul class="list-unstyled"><li><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq">Cisco RoomOS Security Hardening Release: July 2026</a></li>
	<li><a href="https://sec.cloudapps.cisco.com/security/center/publicationListing.x">Cisco Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/oracle-security-advisory-av26-526</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/oracle-security-advisory-av26-526"/><title><![CDATA[Oracle security advisory (AV26-526) – Update 2]]></title><updated>2026-07-15T19:12:30Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7761" about="/en/alerts-advisories/oracle-security-advisory-av26-526" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-526<br /><strong>Date:</strong> May 29, 2026<br /><strong>Updated:</strong> July 15, 2026</p>

<p>On May 28, 2026, Oracle published a security advisory to address critical vulnerabilities in the following products:</p>

<ul><li>Oracle Communications Unified Assurance - versions 6.1.1 to 7.0.0</li>
	<li>Oracle Database Server - versions 23.4.0 to 23.26.2</li>
	<li>Oracle E-Business Suite - versions 12.2.3 to 12.2.15</li>
	<li>Oracle Hospitality OPERA 5 Property Services - versions 5.6.19.24, 5.6.22, 5.6.25.19, 5.6.27.6 and 5.6.28</li>
	<li>Oracle REST Data Services - versions 24.2.0 to 26.1.0</li>
</ul><h2>Update 1</h2>

<p>Open-source reporting indicates that CVE-2026-46817 is being exploited.</p>

<h2>Update 2</h2>

<p>On July 15, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-46817 to their Known Exploited Vulnerabilities (KEV) Database.</p>

<p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p>

<ul class="list-unstyled"><li><a href="https://www.oracle.com/security-alerts/cspumay2026.html">Oracle Critical Security Patch Update Advisory - May 2026</a></li>
	<li><a href="https://www.oracle.com/security-alerts/">Oracle Critical Patch Updates, Security Alerts and Bulletins</a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-46817">CISA KEV: CVE-2026-46817</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/al26-017-critical-vulnerabilities-impacting-microsoft-sharepoint-server-cve-2026-56164-cve-2026-55040-cve-2026-58644</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/al26-017-critical-vulnerabilities-impacting-microsoft-sharepoint-server-cve-2026-56164-cve-2026-55040-cve-2026-58644"/><title><![CDATA[AL26-017 - Critical vulnerabilities impacting Microsoft SharePoint Server – CVE-2026-56164, CVE-2026-55040 and CVE-2026-58644]]></title><updated>2026-07-15T18:09:31Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7991" about="/en/alerts-advisories/al26-017-critical-vulnerabilities-impacting-microsoft-sharepoint-server-cve-2026-56164-cve-2026-55040-cve-2026-58644" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Number:</strong> AL26-017<br /><strong>Date:</strong> July 15, 2026</p>

<h2>Audience</h2>

<p>This Alert is intended for <abbr title="information technology">IT</abbr> professionals and managers.</p>

<h2>Purpose</h2>

<p>An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security (Cyber Centre) is also available to provide additional assistance regarding the content of this Alert upon request.</p>

<h2>Details</h2>

<p>The Canadian Centre for Cyber Security (Cyber Centre) is aware of critical vulnerabilities affecting Microsoft SharePoint Server. In response to the Microsoft security advisory, released on July 14, 2026<sup id="fn1-rf"><a class="fn-lnk" href="#fn1"><span class="wb-inv">Footnote </span>1</a></sup>, the Cyber Centre issued AV26-698<sup id="fn2-rf"><a class="fn-lnk" href="#fn2"><span class="wb-inv">Footnote </span>2</a></sup> on July 14, 2026.</p>

<p>Tracked as CVE-2026-55164<sup id="fn3-rf"><a class="fn-lnk" href="#fn3"><span class="wb-inv">Footnote </span>3</a></sup>, this vulnerability is a Missing Authentication for Critical Function (CWE-306)<sup id="fn4-rf"><a class="fn-lnk" href="#fn4"><span class="wb-inv">Footnote </span>4</a></sup> vulnerability affecting multiple versions of Microsoft SharePoint Server, that could allow an unauthorized attacker to elevate privileges over a network.</p>

<p>Tracked as CVE-2026-55040<sup id="fn5-rf"><a class="fn-lnk" href="#fn5"><span class="wb-inv">Footnote </span>5</a></sup><sup id="fn6-rf"><a class="fn-lnk" href="#fn6"><span class="wb-inv">Footnote </span>6</a></sup>, this vulnerability is a Weak Authentication (CWE-1390)<sup id="fn7-rf"><a class="fn-lnk" href="#fn7"><span class="wb-inv">Footnote </span>7</a></sup> vulnerability affecting multiple versions of Microsoft SharePoint Server, that could allow an unauthorized attacker to bypass a security feature over a network.</p>

<p>Tracked as CVE-2026-58644<sup id="fn8-rf"><a class="fn-lnk" href="#fn8"><span class="wb-inv">Footnote </span>8</a></sup>, this vulnerability is a Deserialization of Untrusted Data (CWE-502)<sup id="fn9-rf"><a class="fn-lnk" href="#fn9"><span class="wb-inv">Footnote </span>9</a></sup> vulnerability affecting multiple versions of Microsoft SharePoint Server, that could allow an unauthorized attacker to execute code over a network.</p>

<p>Microsoft is aware of exploitation of CVE-2026-56164 and other previously released SharePoint related vulnerabilities. CVE-2026-56164 was added to the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog<sup id="fn10-rf"><a class="fn-lnk" href="#fn10"><span class="wb-inv">Footnote </span>10</a></sup> on July 14, 2026.</p>

<h2>Suggested actions</h2>

<p>The Cyber Centre recommends that organizations upgrade affected Microsoft SharePoint instances to a fixed version:</p>

<div class="table-responsive">
<table class="table"><thead><tr><th scope="col">Affected product</th>
			<th scope="col">Affected versions</th>
			<th scope="col">Fixed versions</th>
		</tr></thead><tbody><tr><td>Microsoft SharePoint Enterprise Server 2016</td>
			<td>16.0.0 before 16.0.5561.1001</td>
			<td>16.0.5561.1001</td>
		</tr><tr><td>Microsoft SharePoint Server 2019</td>
			<td>16.0.0 before 16.0.10417.20175</td>
			<td>16.0.10417.20175</td>
		</tr><tr><td>Microsoft SharePoint Server Subscription Edition</td>
			<td>16.0.0 before 16.0.19725.20434</td>
			<td>16.0.19725.20434</td>
		</tr></tbody><thead></thead></table></div>

<p>The Cyber Centre recommends organizations:</p>

<ul><li>Identify all on-premises SharePoint Server instances, particularly those exposed to the internet</li>
	<li>Use or upgrade to supported versions of on-premises Microsoft SharePoint Server</li>
	<li>Apply the latest security updates from Microsoft to all affected SharePoint Servers including (Subscription Edition, 2019, and 2016)</li>
	<li>Monitor SharePoint servers for suspicious activity, including unusual requests, web shells, malicious processes, unauthorized access attempts, and machine key theft indicators</li>
	<li>Harden SharePoint Deployments:
	<ul><li>Enable Antimalware Scan Interface (AMSI) integration for SharePoint web applications</li>
		<li>Configure AMSI Request Body Scan Mode to Full Mode where operationally feasible</li>
		<li>Restrict or eliminate direct Internet exposure of SharePoint servers whenever possible</li>
		<li>Limit access to SharePoint Central Administration and management interfaces</li>
	</ul></li>
	<li>Monitor for Indicators of Compromise:
	<ul><li>Organizations should closely monitor SharePoint environments for:
		<ul><li>Unexpected privilege escalation activity</li>
			<li>Unauthorized authentication attempts</li>
			<li>Suspicious IIS machine key access</li>
			<li>Evidence of deserialization attacks or web shell deployment</li>
			<li>Microsoft Defender and AMSI detections related to SharePoint exploitation activity</li>
		</ul></li>
	</ul></li>
</ul><p><strong>Important note: </strong>Microsoft SharePoint Enterprise Server 2016<sup id="fn11-rf"><a class="fn-lnk" href="#fn11"><span class="wb-inv">Footnote </span>11</a></sup> and Server 2019<sup id="fn12-rf"><a class="fn-lnk" href="#fn12"><span class="wb-inv">Footnote </span>12</a></sup> are <strong>end of life</strong> as of <strong>July 14, 2026</strong>. Organizations are urged to migrate to a supported version.</p>

<p>In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre's Top 10 <abbr title="information technology">IT</abbr> Security Actions with an emphasis on the following topics<sup id="fn13-rf"><a class="fn-lnk" href="#fn13"><span class="wb-inv">Footnote </span>13</a></sup>.</p>

<ul><li>Patch operating systems and applications</li>
	<li>Harden operating systems and applications</li>
	<li>Isolate web-facing applications</li>
</ul><p>Should activity matching the content of this alert be discovered, recipients are encouraged to report via <a href="/en/incident-management">My Cyber Portal</a> or email <a href="mailto:contact@cyber.gc.ca">contact@cyber.gc.ca</a>.</p>

<h2>References</h2>

<aside class="wb-fnote" role="note"><dl><dt>Footnote 1</dt>
	<dd id="fn1">
	<p><a href="https://msrc.microsoft.com/update-guide/releaseNote/2026-Jul">July 2026 Security Updates</a></p>

	<p class="fn-rtn"><a href="#fn1-rf"><span class="wb-inv">Return to footnote</span>1<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 2</dt>
	<dd id="fn2">
	<p><a href="/en/alerts-advisories/microsoft-security-advisory-july-2026-monthly-rollup-av26-698">Microsoft security advisory – July 2026 monthly rollup (AV26-698)</a></p>

	<p class="fn-rtn"><a href="#fn2-rf"><span class="wb-inv">Return to footnote</span>2<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 3</dt>
	<dd id="fn3">
	<p><a href="https://www.cve.org/CVERecord?id=CVE-2026-56164">CVE-2026-55164</a></p>

	<p class="fn-rtn"><a href="#fn3-rf"><span class="wb-inv">Return to footnote</span>3<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 4</dt>
	<dd id="fn4">
	<p><a href="https://cwe.mitre.org/data/definitions/306.html">CWE-306: Missing Authentication for Critical Function</a></p>

	<p class="fn-rtn"><a href="#fn4-rf"><span class="wb-inv">Return to footnote</span>4<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 5</dt>
	<dd id="fn5">
	<p><a href="https://www.cve.org/CVERecord?id=CVE-2026-55040">CVE-2026-55040</a></p>

	<p class="fn-rtn"><a href="#fn5-rf"><span class="wb-inv">Return to footnote</span>5<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 6</dt>
	<dd id="fn6">
	<p><a href="https://www.rapid7.com/blog/post/ve-cve-2026-55040-microsoft-sharepoint-jwt-token-authentication-bypass-fixed/">CVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED)</a></p>

	<p class="fn-rtn"><a href="#fn6-rf"><span class="wb-inv">Return to footnote</span>6<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 7</dt>
	<dd id="fn7">
	<p><a href="https://cwe.mitre.org/data/definitions/1390.html">CWE-1390: Weak Authentication</a></p>

	<p class="fn-rtn"><a href="#fn7-rf"><span class="wb-inv">Return to footnote</span>7<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 8</dt>
	<dd id="fn8">
	<p><a href="https://www.cve.org/CVERecord?id=CVE-2026-58644">CVE-2026-58644</a></p>

	<p class="fn-rtn"><a href="#fn8-rf"><span class="wb-inv">Return to footnote</span>8<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 9</dt>
	<dd id="fn9">
	<p><a href="https://cwe.mitre.org/data/definitions/502.html">CWE-502: Deserialization of Untrusted Data</a></p>

	<p class="fn-rtn"><a href="#fn9-rf"><span class="wb-inv">Return to footnote</span>9<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 10</dt>
	<dd id="fn10">
	<p><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-56164">CISA KEV: CVE-2026-56164</a></p>

	<p class="fn-rtn"><a href="#fn10-rf"><span class="wb-inv">Return to footnote</span>10<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 11</dt>
	<dd id="fn11">
	<p><a href="https://learn.microsoft.com/en-us/lifecycle/products/sharepoint-server-2016">SharePoint Server 2016 - Microsoft Lifecycle</a></p>

	<p class="fn-rtn"><a href="#fn11-rf"><span class="wb-inv">Return to footnote</span>11<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 12</dt>
	<dd id="fn12">
	<p><a href="https://learn.microsoft.com/en-us/lifecycle/products/sharepoint-server-2019">SharePoint Server 2019 - Microsoft Lifecycle</a></p>

	<p class="fn-rtn"><a href="#fn12-rf"><span class="wb-inv">Return to footnote</span>12<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 13</dt>
	<dd id="fn13">
	<p><a href="/en/guidance/top-10-it-security-actions-protect-internet-connected-networks-and-information-itsm10089">Top 10 <abbr title="information technology">IT</abbr> security actions to protect Internet connected networks and information (ITSM.10.089)</a></p>

	<p class="fn-rtn"><a href="#fn13-rf"><span class="wb-inv">Return to footnote</span>13<span class="wb-inv"> referrer</span></a></p>
	</dd>
</dl></aside></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/tenable-security-advisory-av26-705</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/tenable-security-advisory-av26-705"/><title><![CDATA[Tenable security advisory (AV26-705)]]></title><updated>2026-07-15T17:06:52Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7990" about="/en/alerts-advisories/tenable-security-advisory-av26-705" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number</strong>: AV26-705<br /><strong>Date:</strong> July 15, 2026</p>

<p>On July 14, 2026, Tenable published a security advisory to address a critical vulnerability in the following product:</p>

<ul><li>Nessus Agent – versions 11.2.0 and prior</li>
	<li>Nessus Agent – versions 11.1.3 and prior</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.tenable.com/security/tns-2026-18">[R1] Tenable Agent Versions 11.2.1 and 11.1.4 Fix a Path Traversal Vulnerability</a></li>
	<li><a href="https://www.tenable.com/security">Tenable Product Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/f5-security-advisory-av26-704</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/f5-security-advisory-av26-704"/><title><![CDATA[F5 security advisory (AV26-704)]]></title><updated>2026-07-15T15:46:09Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7989" about="/en/alerts-advisories/f5-security-advisory-av26-704" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-704<br /><strong>Date:</strong> July 15, 2026</p>

<p>On July 15, 2026, F5 published a security advisory to address vulnerabilities in the following products:</p>

<ul><li>NGINX Agent – versions 2.37.0 to 2.46.5</li>
	<li>NGINX Instance Manager – versions 2.17.1 to 2.22.1</li>
	<li>NGINX Plus – versions 37.0.0.1 to 37.0.2.1</li>
	<li>NGINX Plus – versions R33 to R36</li>
	<li>NGINX Open Source – multiple versions</li>
	<li>NGINX Instance Manager – versions 2.17.0 to 2.22.1</li>
	<li>F5 WAF for NGINX – versions 5.9.0 to 5.13.3</li>
	<li>NGINX App Protect WAF – versions 5.2.0 to 5.8.0</li>
	<li>NGINX App Protect WAF – versions 4.11.0 to 4.16.0</li>
	<li>NGINX Gateway Fabric – versions 2.0.0 to 2.6.6</li>
	<li>NGINX Gateway Fabric – versions 1.3.0 to 1.6.2</li>
	<li>NGINX Ingress Controller – multiple versions</li>
	<li>BIG-IP Next SPK – multiple versions</li>
	<li>BIG-IP Next CNF – multiple versions</li>
	<li>BIG-IP Next for Kubernetes – versions 2.0.0 to 2.3.1</li>
	<li>BIG-IP (all modules) – multiple versions</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://my.f5.com/manage/s/article/K000161837">K000161837: Out-of-band Security Notification (July 15, 2026)</a></li>
	<li><a href="https://my.f5.com/manage/s/article/K12201527">MyF5</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/notepad-security-advisory-av26-703</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/notepad-security-advisory-av26-703"/><title><![CDATA[Notepad++ security advisory (AV26-703)]]></title><updated>2026-07-15T15:30:53Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7988" about="/en/alerts-advisories/notepad-security-advisory-av26-703" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-703<br /><strong>Date:</strong> July 15, 2026</p>

<p>On July 14, 2026, Notepad++ published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Notepad++ – version prior to 9.7</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://community.notepad-plus-plus.org/topic/27604/notepad-release-8.9.7">Notepad++ v8.9.7 release</a></li>
	<li><a href="https://community.notepad-plus-plus.org/category/1/announcements">Notepad++ community</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-702</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-702"/><title><![CDATA[Citrix security advisory (AV26-702)]]></title><updated>2026-07-15T15:22:04Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7987" about="/en/alerts-advisories/citrix-security-advisory-av26-702" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-702<br /><strong>Date:</strong> July 15, 2026</p>

<p>On July 14, 2026, Citrix published security advisories to address vulnerabilities in the following products:</p>

<ul><li>Citrix Secure Access Client for Windows – versions prior to 26.6.1.20</li>
	<li>Citrix Endpoint Analysis Client for Windows – versions prior to 26.5.1.7</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p>

<ul class="list-unstyled"><li><a href="https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696734&amp;articleURL=Citrix_Secure_Access_Client_for_Windows_and_Citrix_Endpoint_Analysis_Client_for_Windows_Security_Bulletin_for_CVE_2026_53565_and_CVE_2026_53566">Citrix Secure Access Client for Windows and Citrix Endpoint Analysis Client for Windows Security Bulletin for CVE-2026-53565 and CVE-2026-53566</a></li>
	<li><a href="https://support.citrix.com/support-home/topic-article-list?trendingCategory=20&amp;trendingTopicName=Security%20Bulletin">Citrix Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-701</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-701"/><title><![CDATA[Google Chrome security advisory (AV26-701)]]></title><updated>2026-07-15T15:12:44Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7986" about="/en/alerts-advisories/google-chrome-security-advisory-av26-701" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-701<br /><strong>Date:</strong> July 14, 2026</p>

<p>On July 14, 2026, Google published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Stable Channel Chrome for Desktop – versions prior to0.7871.124/125 (Windows/Mac), and 150.0.7871.124 (Linux)</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p>

<ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_0353146366.html">Google Chrome Security Advisory</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-700</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-700"/><title><![CDATA[HPE security advisory (AV26-700)]]></title><updated>2026-07-15T14:56:58Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7985" about="/en/alerts-advisories/hpe-security-advisory-av26-700" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-700<br /><strong>Date:</strong> July 15, 2026</p>

<p>On July 14, 2026, HPE published security advisories to address vulnerabilities in the following products. Included were critical updates for the following:</p>

<ul><li>HPE Telco Intelligent Assurance (FAS and PDO) – versions 4.2.15 and prior</li>
	<li>HPE Unified OSS Console (UOC) – versions 3.1.21 and prior</li>
	<li>HPE Unified OSS Console Assurance Monitoring (UOCAM) – versions 3.1.21 and prior</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05076en_us&amp;docLocale=en_US#hpesbnw05076-rev-1-hpe-telco-intelligent-assurance-0">HPESBNW05076 rev.1 - HPE Telco Intelligent Assurance, Multiple Vulnerabilities</a></li>
	<li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05080en_us&amp;docLocale=en_US#hpesbnw05080-rev-1-hpe-unified-oss-console-uoc-and-0">HPESBNW05080 rev.1 - HPE Unified OSS Console (UOC) and HPE Unified OSS Console Assurance Monitoring (UOCAM), Multiple Vulnerabilities</a></li>
	<li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/sonicwall-security-advisory-av26-699</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/sonicwall-security-advisory-av26-699"/><title><![CDATA[SonicWall security advisory (AV26-699) – Update 1]]></title><updated>2026-07-14T20:27:13Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7984" about="/en/alerts-advisories/sonicwall-security-advisory-av26-699" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-699<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, <span lang="en" xml:lang="en" xml:lang="en">SonicWall</span> published a security advisory to address critical vulnerabilities in the following products:</p>

<ul><li>SMA1000 Models (6210, 7210 &amp; 8200v) - version 12.4.3-03245, 12.4.3-03387 and 12.4.3-03434 (<span lang="en" xml:lang="en" xml:lang="en">platform-hotfix</span>)</li>
	<li>SMA1000 Models (6210, 7210 &amp; 8200v) - version 12.5.0-02283, 12.5.0-02624 and 12.5.0-02800 (<span lang="en" xml:lang="en" xml:lang="en">platform-hotfix</span>)</li>
</ul><p>SonicWall indicates that CVE-2026-15409 and CVE-2026-15410 are being exploited.</p>

<h2 class="h3">Update 1</h2>

<p>On July 14, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-15409 and CVE-2026-15410 to their Known Exploited Vulnerabilities (KEV) Database.</p>

<p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0008"><span lang="en" xml:lang="en" xml:lang="en">SonicWall</span> SMA1000 <span lang="en" xml:lang="en" xml:lang="en">Series Appliances Affected By Multiple Vulnerabilities</span></a></li>
	<li><a href="https://psirt.global.sonicwall.com/vuln-list "><span lang="en" xml:lang="en" xml:lang="en">SonicWall Security Advisories</span></a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15409">CISA KEV: CVE-2026-15409</a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15410">CISA KEV: CVE-2026-15410</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-july-2026-monthly-rollup-av26-698</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-july-2026-monthly-rollup-av26-698"/><title><![CDATA[Microsoft security advisory – July 2026 monthly rollup (AV26-698)]]></title><updated>2026-07-14T20:02:49Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7983" about="/en/alerts-advisories/microsoft-security-advisory-july-2026-monthly-rollup-av26-698" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26–698<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:</p>

<ul><li>.NET 10.0 installed on Linux</li>
	<li>.NET 10.0 installed on Mac OS</li>
	<li>.NET 10.0 installed on Windows</li>
	<li>.NET 8.0 installed on Linux</li>
	<li>.NET 8.0 installed on Mac OS</li>
	<li>.NET 8.0 installed on Windows</li>
	<li>.NET 9.0 installed on Linux</li>
	<li>.NET 9.0 installed on Mac OS</li>
	<li>.NET 9.0 installed on Windows</li>
	<li>Age of Empires II: Definitive Edition Game</li>
	<li>Azure Active Directory</li>
	<li>Azure CycleCloud 8.9.1</li>
	<li>Azure Monitor Agent Metrics Extension</li>
	<li>Azure Open AI</li>
	<li>Azure Spring Apps</li>
	<li>Azure Synapse</li>
	<li>Fabric Data Warehouse</li>
	<li>GitHub Copilot Plugin for JetBrains IDEs</li>
	<li>Microsoft .NET Framework</li>
	<li>Microsoft .NET Framework 3.5</li>
	<li>Microsoft .NET Framework 4.8.1</li>
	<li>Microsoft 365 Apps</li>
	<li>Microsoft 365 Apps for Enterprise</li>
	<li>Microsoft 365 Copilot</li>
	<li>Microsoft 365 Copilot for Android</li>
	<li>Microsoft 365 Copilot for iOS</li>
	<li>Microsoft Bing Search for iOS</li>
	<li>Microsoft Defender for Endpoint for Mac</li>
	<li>Microsoft Dynamics NAV 2018</li>
	<li>Microsoft Edge (Chromium-based)</li>
	<li>Microsoft Entra Provisioning Service</li>
	<li>Microsoft Excel 2016</li>
	<li>Microsoft Exchange Online</li>
	<li>Microsoft Exchange Server 2016</li>
	<li>Microsoft Exchange Server 2019</li>
	<li>Microsoft Exchange Server Subscription Edition RTM</li>
	<li>Microsoft Malware Protection Engine</li>
	<li>Microsoft Office 2016</li>
	<li>Microsoft Office 2019</li>
	<li>Microsoft Office 365 for Mac</li>
	<li>Microsoft Office LTSC 2021</li>
	<li>Microsoft Office LTSC 2024</li>
	<li>Microsoft Office LTSC for Mac 2021</li>
	<li>Microsoft Office LTSC for Mac 2024</li>
	<li>Microsoft Office for Android</li>
	<li>Microsoft PC Manager</li>
	<li>Microsoft PowerPoint 2016</li>
	<li>Microsoft SQL Server 2016</li>
	<li>Microsoft SQL Server 2017</li>
	<li>Microsoft SQL Server 2019</li>
	<li>Microsoft SQL Server 2022</li>
	<li>Microsoft SQL Server 2025</li>
	<li>Microsoft SharePoint Enterprise Server 2016</li>
	<li>Microsoft SharePoint Server 2019</li>
	<li>Microsoft SharePoint Server Subscription Edition</li>
	<li>Microsoft Surface Go 2</li>
	<li>Microsoft Surface Go 3</li>
	<li>Microsoft Surface Hub</li>
	<li>Microsoft Surface Hub 2S</li>
	<li>Microsoft Surface Hub 3</li>
	<li>Microsoft Surface Laptop Go</li>
	<li>Microsoft Surface Laptop Go 2</li>
	<li>Microsoft Surface Laptop Go 3</li>
	<li>Microsoft Surface Pro 7+</li>
	<li>Microsoft Surface Pro 8</li>
	<li>Microsoft Visual Studio 2022</li>
	<li>Microsoft Visual Studio 2026</li>
	<li>Microsoft Word 2016</li>
	<li>AspNet.OData</li>
	<li>AspNetCore.OData</li>
	<li>Minecraft Bedrock Dedicated Server</li>
	<li>Office Online Server</li>
	<li>Power BI Report Server</li>
	<li>Surface Laptop 4 with AMD Processor</li>
	<li>Surface Laptop 4 with Intel Processor</li>
	<li>Surface Windows Dev Kit</li>
	<li>Visual Studio Code</li>
	<li>Windows 10</li>
	<li>Windows 11</li>
	<li>Windows 11 Version</li>
	<li>Windows Admin Center</li>
	<li>Windows Remote Help</li>
	<li>Windows Server 2012</li>
	<li>Windows Server 2012 R2</li>
	<li>Windows Server 2016</li>
	<li>Windows Server 2019</li>
	<li>Windows Server 2022</li>
	<li>Windows Server 2025</li>
	<li>Windows Subsystem for Linux (WSL2)</li>
	<li>Windows Terminal for Windows 10</li>
	<li>Windows Terminal for Windows 11</li>
</ul><p>Microsoft has indicated that CVE-2026-56164 and CVE-2026-56155 are being exploited.</p>

<p>On July 14, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-56164 and CVE-2026-56155 to their Known Exploited Vulnerabilities (KEV) Database.</p>

<p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://msrc.microsoft.com/update-guide/releaseNote/2026-Jul">July 2026 Security Updates</a></li>
	<li><a href="https://msrc.microsoft.com/update-guide/en-us">Security Update Guide</a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-56164">CISA KEV: CVE-2026-56164</a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-56155 ">CISA KEV: CVE-2026-56155</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-697</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-697"/><title><![CDATA[Adobe security advisory (AV26-697)]]></title><updated>2026-07-14T19:25:40Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7982" about="/en/alerts-advisories/adobe-security-advisory-av26-697" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26–697<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, Adobe published security advisories to address critical vulnerabilities in the following products:</p>

<ul><li>Adobe After Effects - version 25.6.5 and prior</li>
	<li>Adobe After Effects - version 26.2.1 and prior</li>
	<li>Adobe Animate 2023 - version 23.0.15 and prior</li>
	<li>Adobe Animate 2024 - version 24.0.13 and prior</li>
	<li>Adobe Audition - version 25.6.4 and prior</li>
	<li>Adobe Audition - version 26.0 and prior</li>
	<li>Adobe Bridge - version 15.1.5 (LTS) and prior</li>
	<li>Adobe Bridge - version 16.0.3 and prior</li>
	<li>Adobe Commerce B2B - multiple versions</li>
	<li>Adobe Commerce - multiple versions</li>
	<li>Adobe Commerce Events - version 1.6.0 to 1.20.0</li>
	<li>Adobe Experience Manager (AEM) - version AEM Cloud Service (CS) Release 2026.5.0 and prior</li>
	<li>Adobe Experience Manager (AEM) - version 6.5 LTS Service Pack 1 and prior</li>
	<li>Adobe Experience Manager (AEM) - version 6.5 Service Pack 24 and prior</li>
	<li>Adobe Media Encoder - version 25.6.5 and prior</li>
	<li>Adobe Media Encoder - version 26.2.2 and prior</li>
	<li>Adobe Premiere - version 26.2.2 and prior</li>
	<li>Adobe Premiere Pro - version 25.6.5 and prior</li>
	<li>ColdFusion 2025 Update 10 and earlier versions</li>
	<li>ColdFusion 2023 Update 21 and earlier versions</li>
	<li>ColdFusion 2021 - version 2021.0.0.323925 and prior</li>
	<li>ColdFusion 2023 - version 2023.0.0.330468 and prior</li>
	<li>ColdFusion 2025 - version 2023.0.0.331385 and prior</li>
	<li>Content Credentials Command-Line Tool - version c2patool-v0.17.0 and prior</li>
	<li>Content Credentials JS SDK - version @contentauth/c2pa-web@0.7.0 and prior</li>
	<li>Content Credentials Rust SDK - version c2pa-v0.84.0 and prior</li>
	<li>Creative Cloud Desktop Application - version 6.9.1.1 and prior</li>
	<li>Illustrator 2025 - version 29.8.7 and prior</li>
	<li>Illustrator 2026 - version 30.5 and prior</li>
	<li>Magento Open Source - multiple versions</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://helpx.adobe.com/security.html">Adobe Security Advisories</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-696</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-696"/><title><![CDATA[Ivanti security advisory (AV26-696)]]></title><updated>2026-07-14T19:07:39Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7981" about="/en/alerts-advisories/ivanti-security-advisory-av26-696" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-696<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, Ivanti published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Ivanti Xtraction – version 2026.2 and prior</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Xtraction-CVE-2026-14902-CVE-2026-14903?language=en_US">Security Advisory Ivanti Xtraction (CVE-2026-14902, CVE-2026-14903)</a></li>
	<li><a href="https://forums.ivanti.com/s/searchallcontent?language=en_US#tab=All&amp;sortCriteria=date%20descending&amp;f-sfkbknowledgearticletypec=Security%20Advisory">Ivanti Security Advisories</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/fortinet-security-advisory-av26-695</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/fortinet-security-advisory-av26-695"/><title><![CDATA[Fortinet security advisory (AV26-695)]]></title><updated>2026-07-14T18:38:50Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7980" about="/en/alerts-advisories/fortinet-security-advisory-av26-695" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-695<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, Fortinet published security advisories to address vulnerabilities in multiple products:</p>

<ul><li>FortiAuthenticator 6.6 - versions 6.6.0 to 6.6.2</li>
	<li>FortiAuthenticator 6.5 - versions 6.5.0 to 6.5.7</li>
	<li>FortiSandbox 5.0 - versions 5.0.0 to 5.0.2</li>
	<li>FortiSandbox 4.4 - versions 4.4.3 to 4.4.8</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.fortiguard.com/psirt/FG-IR-26-146">Out of bounds read in GUI</a></li>
	<li><a href="https://www.fortiguard.com/psirt/FG-IR-26-145">Unauthenticated VNC access exposed on all interfaces</a></li>
	<li><a href="https://www.fortiguard.com/psirt?filter=1&amp;version=&amp;severity=5&amp;severity=4&amp;severity=3&amp;severity=2">Fortinet PSIRT Advisories</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/veeam-security-advisory-av26-694</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/veeam-security-advisory-av26-694"/><title><![CDATA[Veeam security advisory (AV26-694)]]></title><updated>2026-07-14T15:44:38Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7978" about="/en/alerts-advisories/veeam-security-advisory-av26-694" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-694<br /><strong>Date:</strong> July 14, 2026</p>

<p>On July 14, 2026, Veeam published a security advisor to address a critical vulnerability in the following product:</p>

<ul><li>Veeam Software Appliance Updater Component – versions prior to 12.3.0.65</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.veeam.com/kb4879 ">Veeam Software Appliance - Updater Component Vulnerability</a></li>
	<li><a href="https://www.veeam.com/knowledge-base.html ">Veeam Knowledge Base</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/servicenow-security-advisory-av26-693</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/servicenow-security-advisory-av26-693"/><title><![CDATA[ServiceNow security advisory (AV26-693)]]></title><updated>2026-07-14T14:34:41Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7977" about="/en/alerts-advisories/servicenow-security-advisory-av26-693" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-693<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 13, 2026, ServiceNow published a security advisory to address a critical vulnerability in the following products:</p>

<ul><li>Brazil - versions prior to Brazil EA and Brazil GA</li>
	<li>Australia - versions prior to Australia Patch 2</li>
	<li>Zurich - versions prior to Zurich Patch 7b and Zurich Patch 9</li>
	<li>Yokohama - versions prior to Yokohama Patch 12 Hot Fix 1b and Yokohama Patch 13</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB3137947">[Security Advisory] CVE-2026-6875 - Sandbox Escape in ServiceNow AI Platform</a></li>
	<li><a href="https://support.servicenow.com/kb?id=kb_article_view&amp;sysparm_article=KB1226057">ServiceNow security advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/mozilla-security-advisory-av26-692</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/mozilla-security-advisory-av26-692"/><title><![CDATA[Mozilla security advisory (AV26-692)]]></title><updated>2026-07-14T14:23:33Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7976" about="/en/alerts-advisories/mozilla-security-advisory-av26-692" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-692<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, Mozilla published a security advisory to address vulnerabilities in the following product. Included was a critical update for the following:</p>

<ul><li>Firefox – versions prior to 152.0.6</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.mozilla.org/en-US/security/advisories/mfsa2026-67/">Mozilla Foundation Security Advisory 2026-67</a></li>
	<li><a href="https://www.mozilla.org/en-US/security/advisories/">Mozilla Security Advisories</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-691</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-691"/><title><![CDATA[HPE security advisory (AV26-691)]]></title><updated>2026-07-14T14:12:52Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7975" about="/en/alerts-advisories/hpe-security-advisory-av26-691" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-691<br /><strong>Date: </strong>July 14, 2026<strong> </strong></p>

<p>On July 14, 2026, HPE published a security advisory to address vulnerabilities in the following products:</p>

<ul><li>HPE Compute Scale-up Server 3200 - versions prior to v1.76.44</li>
	<li>HPE Compute Scale-up Server 3250 - versions prior to v1.02.48</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf05079en_us&amp;docLocale=en_US#hpesbhf05079-rev-1-hpe-compute-scale-up-server-320-0">HPESBHF05079 rev.1 - HPE Compute Scale-up Server 3200 and 3250 platforms, Multiple Vulnerabilities</a></li>
	<li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/sap-security-advisory-july-2026-monthly-rollup-av26-690</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/sap-security-advisory-july-2026-monthly-rollup-av26-690"/><title><![CDATA[SAP security advisory – July 2026 monthly rollup (AV26-690)]]></title><updated>2026-07-14T13:54:12Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7974" about="/en/alerts-advisories/sap-security-advisory-july-2026-monthly-rollup-av26-690" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-690<br /><strong>Date: </strong>July 14, 2026</p>

<p>On July 14, 2026, SAP published security advisories to address vulnerabilities in the following products. Included were critical updates for the following:</p>

<ul><li>SAP Approuter node.js package - versions prior to 20.10.0</li>
	<li>SAP Approuter node.js package - versions prior to 21.2.0</li>
	<li>SAP Change and Transport System Attach Tool (ctsattach) - version CTS_UPLOAD_CLT 1</li>
	<li>SAP Commerce Cloud - versions HY_COM 2205, COM_CLOUD 2211 and 2211-JDK21</li>
	<li>SAP CRM (WebClient UI) - versions S4FND 104, 105 and 106</li>
	<li>SAP Fiori (launchpad) - versions SAP_UI 754, 755, 756, 757, 758 and 816</li>
	<li>SAP Integration Suite (Edge Integration Cell) - versions prior to 8.43.11</li>
	<li>SAP HANA Extended Application Services classic model (User Self Service) - version HDB 2.00</li>
	<li>SAP NetWeaver Application Server ABAP - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53. 7.54, 7.77, 7.89, 7.93, 9.16, 9.18, 9.19 and 9.20</li>
	<li>SAP NetWeaver Application Server ABAP (applications based on Business Server Pages) - multiple versions</li>
	<li>SAP NetWeaver Application Server Java (Configuration Wizard) - version ENGINEAPI 7.50</li>
	<li>SAP NetWeaver Application Server Java (Web Container) - version LMCTC 7.50</li>
	<li>SAP NetWeaver AS Java - versions SERVERCORE 7.50, CORE-TOOLS 7.50 and J2EE-APPS 7.50</li>
	<li>SAP NetWeaver Enterprise Portal - version EP-RUNTIME 7.50</li>
	<li>SAProuter on Microsoft Windows - versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, SAP_ROUTER 7.53, 7.54, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93, 9.16, 9.17 and 9.18</li>
	<li>SAP S/4 HANA (Create Single Payment) - versions S4CORE 102, 103, 104, 105, 106, 107, 108 and 109</li>
	<li>SAP S/4HANA (Draft operation) - version S4CORE 108</li>
	<li>SAP S/4HANA Project Management (PPM-PRO) - multiple versions</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations, and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2026.html">SAP Security Patch Day - July 2026</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/control-systems-siemens-security-advisory-av26-689</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/control-systems-siemens-security-advisory-av26-689"/><title><![CDATA[[Control systems] Siemens security advisory (AV26-689)]]></title><updated>2026-07-14T13:33:00Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7973" about="/en/alerts-advisories/control-systems-siemens-security-advisory-av26-689" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-689<br /><strong>Date:</strong> July 14, 2026</p>

<p>On July 14, 2026, Siemens published security advisories to address vulnerabilities in the following products. Included were updates for the following products:</p>

<ul><li>CADRA - versions prior to V2511</li>
	<li>Desigo CC family V7/V8 - all versions</li>
	<li>Desigo CC family V9 - versions prior to V9.0 QU1</li>
	<li>IAM Client - multiple versions and models</li>
	<li>Mendix Runtime - all versions</li>
	<li>Opcenter X - versions prior to V2604</li>
	<li>Palo Alto Networks PAN-OS on RUGGEDCOM APE1808 - all versions</li>
	<li>SIDIS Secured SmartPlug - versions prior to V7.26.0310</li>
	<li>SIMATIC S7-1500 CPU family - versions prior to V3.1.6</li>
	<li>SIMATIC S7-PLCSIM Advanced - all versions</li>
	<li>Simcenter STAR-CCM+ - all versions</li>
</ul><p>The Cyber Centre encourages users and administrators to review the web link provided, perform the suggested mitigations and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.siemens.com/global/en/products/services/cert.html#SecurityPublications">Siemens Security Advisories</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-688</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-688"/><title><![CDATA[Red Hat security advisory (AV26-688)]]></title><updated>2026-07-13T12:59:13Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7971" about="/en/alerts-advisories/red-hat-security-advisory-av26-688" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-688<br /><strong>Date: </strong>July 13, 2026</p>

<p>Between July 6 and 12, 2026, Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:</p>

<ul><li>Red Hat CodeReady Linux Builder – multiple versions and platforms</li>
	<li>Red Hat Enterprise Linux – multiple versions and platforms</li>
	<li>Red Hat Enterprise Linux Server – multiple versions and platforms</li>
	<li>Red Hat Enterprise Linux for Real Time – multiple versions and platforms</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://access.redhat.com/security/security-updates/security-advisories">Red Hat Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-687</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-687"/><title><![CDATA[[Control systems] CISA ICS security advisories (AV26–687)]]></title><updated>2026-07-13T12:56:34Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7970" about="/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-687" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26–687<br /><strong>Date: </strong>July 13, 2026</p>

<p>Between July 6 and 12, 2026, CISA published ICS advisories to address vulnerabilities in the following products:</p>

<ul><li>Digi International PortServer TS – multiple versions</li>
	<li>Digi One SP IA – multiple versions</li>
	<li>Hydro-<span lang="fr" xml:lang="fr" xml:lang="fr">Québec Le Circuit Electrique</span> charging station backend – versions prior to June_2026</li>
	<li>Hitachi Energy e-mesh EMS – versions 4.1.6, 4.4.2 and 4.7.0</li>
	<li>Hitachi Energy PROMOD V – versions 1.0.10 and prior</li>
	<li>Labcenter Proteus 9 – version Proteus 9.1_SP4_Build_42914</li>
	<li>OpenPLC v3 – version OpenPLC v3</li>
	<li>Schneider Electric Easergy MiCOM Px40 Series – multiple versions</li>
	<li>Schneider Electric PowerChute Serial Shutdown – versions 1.4 and prior</li>
	<li>Siemens Mendix Studio Pro – multiple versions</li>
	<li>Siemens SINEC OS – version RUGGEDCOM RST2428P (6GK6242-6PA00) – versions prior to 4.0</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations, and apply the necessary updates if available.</p>

<ul class="list-unstyled"><li><a href="https://www.cisa.gov/news-events/cybersecurity-advisories">CISA ICS Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-686</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-686"/><title><![CDATA[Ubuntu security advisory (AV26-686)]]></title><updated>2026-07-13T12:55:49Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7969" about="/en/alerts-advisories/ubuntu-security-advisory-av26-686" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-686<br /><strong>Date:</strong> July 13, 2026</p>

<p>Between July 6 and 12, 2026, Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:</p>

<ul><li>Ubuntu 18.04 LTS</li>
	<li>Ubuntu 22.04 LTS</li>
	<li>Ubuntu 24.04 LTS</li>
	<li>Ubuntu 25.10</li>
	<li>Ubuntu 26.04 LTS</li>
</ul><p>The Cyber Centre encourages users and administrators to review the web link provided and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://ubuntu.com/security/notices">Ubuntu Security Notices</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-685</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-685"/><title><![CDATA[Dell security advisory (AV26-685)]]></title><updated>2026-07-13T12:54:36Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7968" about="/en/alerts-advisories/dell-security-advisory-av26-685" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-685<br /><strong>Date:</strong> July 13, 2026</p>

<p>Between July 6 and 12, 2026, Dell published security advisories to address vulnerabilities in multiple products:</p>

<ul><li>Dell Data Lakehouse – versions prior to 1.8.0.1</li>
	<li>Dell Enterprise SONiC Distribution – versions prior to 4.6.0</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.dell.com/support/kbdoc/en-ca/000487165/dsa-2026-291-security-update-for-dell-data-lakehouse-third-party-component-vulnerabilities">DSA-2026-291: Security Update for Dell Data Lakehouse Third-Party Component Vulnerabilities</a></li>
	<li><a href="https://www.dell.com/support/kbdoc/en-ca/000486907/dsa-2026-290-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities">DSA-2026-290: Security Update for Dell Enterprise SONiC Distribution Vulnerabilities</a></li>
	<li><a href="https://www.dell.com/support/security/en-ca">Dell Security advisories and notices</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-684</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-684"/><title><![CDATA[IBM security advisory (AV26-684)]]></title><updated>2026-07-13T12:53:49Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7967" about="/en/alerts-advisories/ibm-security-advisory-av26-684" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-684<br /><strong>Date: </strong>July 13, 2026</p>

<p>Between July 6 and 12, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:</p>

<ul><li>IBM Aspera Enterprise WebApps – versions 1.0.0 to 1.0.3</li>
	<li>IBM Cloud Pak System – versions prior to 2.3.5.0</li>
	<li>IBM Cloud Pak for Data System (CPDS) – versions 1.0.0.0 to 1.0.10.0</li>
	<li>IBM Guardium Data Protection – versions prior to 12.2</li>
	<li>IBM Library Support for Spring – versions 3.2 to 3.2.26 and 3.4 to 3.4.18</li>
	<li>IBM Maximo Application Suite – Monitor Component – versions prior to 9.1 and 9.0</li>
	<li>IBM Operational Decision Manager – multiple versions</li>
	<li>IBM Planning Analytics Local – versions 2.1.0 to 2.1.21</li>
	<li>IBM RDi – version 9.9</li>
	<li>IBM SPSS Modeler – versions prior to 19.0.0.0</li>
	<li>IBM Software Support App (iOS) / (Android) – versions 4.0.1 to 4.1.0</li>
	<li>IBM Storage Protect Snapshot For Windows – versions 8.1.0.0 to 8.2.1.0</li>
	<li>IBM Tivoli Network Manager IP Edition – versions 4.2 GA to 4.2.0.24</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.ibm.com/support/pages/bulletin/">IBM Product Security Incident Response</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/bitwarden-security-advisory-av26-683</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/bitwarden-security-advisory-av26-683"/><title><![CDATA[BitWarden security advisory (AV26-683)]]></title><updated>2026-07-10T19:57:14Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7966" about="/en/alerts-advisories/bitwarden-security-advisory-av26-683" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-683<br /><strong>Date:</strong> July 10, 2026</p>

<p>On July 8, 2026, BitWarden published security advisories to address a vulnerability in the following product:</p>

<ul><li><span lang="en" xml:lang="en" xml:lang="en">Bitwarden Server</span> – versions prior to 2026.6.2</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://github.com/bitwarden/server/releases/tag/v2026.6.2">BitWarden Server</a></li>
	<li><a href="https://bitwarden.com/">BitWarden Home</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113"/><title><![CDATA[AL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 1]]></title><updated>2026-07-10T19:12:59Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="6437" about="/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Number:</strong> AL25-007<br /><strong>Date:</strong> June 11, 2025<br /><strong>Updated:</strong> July 10, 2026</p>

<h2>Audience</h2>

<p>This Alert is intended for IT professionals and managers of notified organizations.</p>

<h2>Purpose</h2>

<p>An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security ("Cyber Centre") is also available to provide additional assistance regarding the content of this Alert to recipients as requested.</p>

<h2>Details</h2>

<p>On June 1, 2025, Roundcube released a security bulletin for a critical vulnerability affecting Webmail. The issue is described as a Post-Auth RCE via PHP Object Deserialization vulnerability (CVE-2025-49113)<sup id="fn1a-rf"><a class="fn-lnk" href="#fn1"><span class="wb-inv">Footnote </span>1</a></sup>. The versions of Roundcube products affected are<sup id="fn2-rf"><a class="fn-lnk" href="#fn2"><span class="wb-inv">Footnote </span>2</a></sup>:</p>

<ul><li>Webmail – versions prior to 1.5.10</li>
	<li>Webmail – versions prior to 1.6.11</li>
</ul><p>In response to this vulnerability, the Cyber Centre released AV25-309 on June 2, 2025<sup id="fn3-rf"><a class="fn-lnk" href="#fn3"><span class="wb-inv">Footnote </span>3</a></sup>.</p>

<p>While the Cyber Centre has not received any reports of exploitation, the existence of a proof of concept (POC) significantly raises the likeness of abuse by malicious actors. The existence of a published <abbr title="proof of concept">POC</abbr> makes it imperative to take action to assess and mitigate this vulnerability.</p>

<p>The Cyber Centre is aware that exploitation of CVE-2024-42009 has been used to obtain valid credentials, which could lead to exploitation of CVE-2025-49113. CISA added CVE-2024-42009 to their Known Exploited Vulnerabilities (KEV) catalog<sup id="fn4-rf"><a class="fn-lnk" href="#fn4"><span class="wb-inv">Footnote </span>4</a></sup><sup id="fn5-rf"><a class="fn-lnk" href="#fn5"><span class="wb-inv">Footnote </span>5</a></sup>on June 9, 2025.</p>

<h2>Update 1</h2>

<p>The Cyber Centre is aware of open-source reporting indicating ongoing exploitation<sup id="fn7-rf"><a class="fn-lnk" href="#fn7"><span class="wb-inv">Footnote </span>7</a></sup> of CVE-2024-42009<sup id="fn8-rf"><a class="fn-lnk" href="#fn8"><span class="wb-inv">Footnote </span>8</a></sup> and CVE-2025-49113<sup id="fn1b-rf"><a class="fn-lnk" href="#fn1"><span class="wb-inv">Footnote </span>1</a></sup> related to Roundcube Webmail.</p>

<p>The Cyber Centre strongly recommends that organizations upgrade to the latest Roundcube Webmail versions as per AV26-657<sup id="fn9-rf"><a class="fn-lnk" href="#fn9"><span class="wb-inv">Footnote </span>9</a></sup>:</p>

<ul><li>Webmail – version 1.6.17</li>
	<li>Webmail – version 1.7.2</li>
</ul><p>On June 9, 2025, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-42009 to their Known Exploited Vulnerabilities (KEV) Database<sup id="fn10-rf"><a class="fn-lnk" href="#fn10"><span class="wb-inv">Footnote </span>10</a></sup>.</p>

<p>Also, on February 20, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-49113 to their Known Exploited Vulnerabilities (KEV) Database<sup id="fn11-rf"><a class="fn-lnk" href="#fn11"><span class="wb-inv">Footnote </span>11</a></sup>.</p>

<p><strong>End of Update 1</strong></p>

<h2>Suggested actions</h2>

<p>The Cyber Centre strongly recommends that organizations update to Roundcube Webmail versions 1.5.10+ or 1.6.11+<span class="nowrap"><sup id="fn2a-rf"><a class="fn-lnk" href="#fn2"><span class="wb-inv">Footnote </span>2</a></sup>,</span> which would mitigate issues reported by both CVEs mentioned here (CVE-2024-42009 and CVE-2025-49113).</p>

<p>The Cyber Centre recommends that organizations:</p>

<ul><li>Assess the installation of Roundcube Webmail.</li>
	<li>Apply updates to Roundcube Webmail without delay.</li>
	<li>Monitor affected systems for signs of exploitation.</li>
	<li>Monitor for brute-force attempts and if possible, implement rate limitation techniques.</li>
</ul><p>In addition, the Cyber Centre strongly recommends that organizations review and implement the Cyber Centre's Top 10 IT Security Actions<sup id="fn6-rf"><a class="fn-lnk" href="#fn6"><span class="wb-inv">Footnote </span>6</a></sup> with an emphasis on the following strategies:</p>

<p>If activity matching the content of this alert is discovered, recipients are encouraged to report via the <a href="https://www.cyber.gc.ca/en/incident-management">My Cyber Portal</a>, or email <a href="mailto:contact@cyber.gc.ca">contact@cyber.gc.ca</a>.</p>

<h2>References</h2>

<aside class="wb-fnote" role="note"><dl><dt>Footnote 1</dt>
	<dd id="fn1">
	<p><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-49113">CVE-2025-49113</a></p>

	<p class="fn-rtn"><a href="#fn1-rf"><span class="wb-inv">Return to footnote</span>1<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 2</dt>
	<dd id="fn2">
	<p><a href="https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10">Security updates 1.6.11 and 1.5.10 released</a></p>

	<p class="fn-rtn"><a href="#fn2-rf"><span class="wb-inv">Return to footnote</span>2<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 3</dt>
	<dd id="fn3">
	<p><a href="/en/alerts-advisories/roundcube-security-advisory-av25-309">AV25-309 – Roundcube security advisory</a></p>

	<p class="fn-rtn"><a href="#fn3-rf"><span class="wb-inv">Return to footnote</span>3<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 4</dt>
	<dd id="fn4">
	<p><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog">CISA KEV</a></p>

	<p class="fn-rtn"><a href="#fn4-rf"><span class="wb-inv">Return to footnote</span>4<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 5</dt>
	<dd id="fn5">
	<p><a href="https://cert.pl/en/posts/2025/06/unc1151-campaign-roundcube/">UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign</a></p>

	<p class="fn-rtn"><a href="#fn5-rf"><span class="wb-inv">Return to footnote</span>5<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 6</dt>
	<dd id="fn6">
	<p><a href="/en/guidance/top-10-it-security-actions-protect-internet-connected-networks-and-information-itsm10089">Top 10 IT security actions to protect Internet connected networks and information (ITSM.10.089)</a></p>

	<p class="fn-rtn"><a href="#fn6-rf"><span class="wb-inv">Return to footnote</span>6<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 7</dt>
	<dd id="fn7">
	<p><a href="https://www.proofpoint.com/us/blog/threat-insight/one-email-closer-edge-unkmasstraction-physics-exploitation">One Email Closer to the Edge: UNK_MassTraction &amp; the Physics of Exploitation</a></p>

	<p class="fn-rtn"><a href="#fn7-rf"><span class="wb-inv">Return to footnote</span>7<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 8</dt>
	<dd id="fn8">
	<p><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42009">CVE-2024-42009 Detail</a></p>

	<p class="fn-rtn"><a href="#fn8-rf"><span class="wb-inv">Return to footnote</span>8<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 9</dt>
	<dd id="fn9">
	<p><a href="/en/alerts-advisories/roundcube-security-advisory-av26-657">AV25-657 – Roundcube security advisory</a></p>

	<p class="fn-rtn"><a href="#fn9-rf"><span class="wb-inv">Return to footnote</span>9<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 10</dt>
	<dd id="fn10">
	<p><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-42009">CISA KEV: CVE-2025-42009</a></p>

	<p class="fn-rtn"><a href="#fn10-rf"><span class="wb-inv">Return to footnote</span>10<span class="wb-inv"> referrer</span></a></p>
	</dd>
	<dt>Footnote 11</dt>
	<dd id="fn11">
	<p><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-49113">CISA KEV: CVE-2025-49113</a></p>

	<p class="fn-rtn"><a href="#fn11-rf"><span class="wb-inv">Return to footnote</span>11<span class="wb-inv"> referrer</span></a></p>
	</dd>
</dl></aside></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-682</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-682"/><title><![CDATA[Microsoft Edge security advisory (AV26-682)]]></title><updated>2026-07-10T18:06:59Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7965" about="/en/alerts-advisories/microsoft-edge-security-advisory-av26-682" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-682<br /><strong>Date:</strong> July 10, 2026</p>

<p>On July 9, 2026, Microsoft published a security update to address vulnerabilities in the following product:</p>

<ul><li><span lang="en" xml:lang="en" xml:lang="en">Microsoft Edge Stable Channel</span> – versions prior to 150.0.4078.65</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p>

<ul class="list-unstyled"><li><a href="https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#july-9-2026">Microsoft Edge Stable Channel Release Notes</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-681</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-681"/><title><![CDATA[Broadcom VMware security advisory (AV26-681)]]></title><updated>2026-07-10T17:59:53Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7964" about="/en/alerts-advisories/broadcom-vmware-security-advisory-av26-681" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-681<br /><strong>Date: </strong>July 10, 2026</p>

<p>Between July 8 and 10, 2026, Broadcom published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:</p>

<ul><li>Open Source RabbitMQ - multiple versions</li>
	<li>VMware Tanzu Greenplum Command Center - multiple versions</li>
	<li>VMware Tanzu Greenplum Data Copy Utility - versions prior to 2.9.5</li>
	<li>VMware Tanzu Greenplum on Kubernetes - versions prior to 1.1.2</li>
	<li>VMware Tanzu Greenplum MCP Server - version prior to 1.0.2</li>
	<li>VMware Tanzu Greenplum Streaming Server - multiple versions</li>
	<li>VMware Tanzu Greenplum Text - versions prior to 4.0.2</li>
	<li>VMware Tanzu RabbitMQ - multiple versions</li>
	<li>VMware Tanzu RabbitMQ on Kubernetes - multiple versions</li>
	<li>VMware Tanzu RabbitMQ on Tanzu Platform - multiple versions</li>
</ul><p>The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.</p>

<p class="mrgn-bttm-md"> </p>

<ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/security-advisory?segment=VT">Security Advisories - VMware Cloud Foundation</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/django-security-advisory-av26-084</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/django-security-advisory-av26-084"/><title><![CDATA[Django security advisory (AV26-084) – Update 1]]></title><updated>2026-07-09T19:45:45Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7235" about="/en/alerts-advisories/django-security-advisory-av26-084" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="mrgn-bttm-md"><strong>Serial number: </strong>AV26-084<br /><strong>Date:</strong> February 4, 2026<br /><strong>Updated:</strong> July 9, 2026</p>

<p>On February 3, 2026, Django published a security advisory to address vulnerabilities in the following products:</p>

<ul><li>Django 4.2 – versions prior to 4.2.28</li>
	<li>Django 5.2 – versions prior to 5.2.11</li>
	<li>Django 6.0 – versions prior to 6.0.2</li>
</ul><h2>Update 1</h2>

<p>Open-source reporting indicates that CVE-2026-1207 is being exploited.</p>

<p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p>

<ul class="list-unstyled"><li><a href="https://www.djangoproject.com/weblog/2026/feb/03/security-releases/">Django Security Advisory</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/freepbx-security-advisory-av26-680</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/freepbx-security-advisory-av26-680"/><title><![CDATA[FreePBX security advisory (AV26-680)]]></title><updated>2026-07-09T18:02:14Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7963" about="/en/alerts-advisories/freepbx-security-advisory-av26-680" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-680<br /><strong>Date: </strong>July 9, 2026</p>

<p>On July 9, 2026, FreePBX published security advisories to address vulnerabilities in the following products:</p>

<ul><li>FreePBX API (FreePBX 17) – versions prior to 17.0.9</li>
	<li>FreePBX Backup (FreePBX 17) – versions prior to 17.0.11</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the web links provided, apply the necessary updates and perform the suggested mitigations.</p>

<ul class="list-unstyled"><li><a href="https://github.com/FreePBX/security-reporting/security/advisories/GHSA-79rg-3xp6-rqq6">Authenticated API generatedocs Host Command Injection</a></li>
	<li><a href="https://github.com/FreePBX/security-reporting/security/advisories/GHSA-24w6-hpg3-rwfg">Authenticated Arbitrary SSH Key Injection via Backup Module</a></li>
	<li><a href="https://github.com/FreePBX/security-reporting/security/advisories?state=published">FreePBX Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-679</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-679"/><title><![CDATA[Google Chrome security advisory (AV26-679)]]></title><updated>2026-07-09T17:34:07Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7962" about="/en/alerts-advisories/google-chrome-security-advisory-av26-679" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-679<br /><strong>Date: </strong>July 9, 2026</p>

<p>On July 8, 2026, Google published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Stable Channel Chrome for Desktop – versions prior to 150.0.7871.114/115 (Windows/Mac), and 150.0.7871.114 (Linux)</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p>

<ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html">Google Chrome Security Advisory</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-678</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-678"/><title><![CDATA[Progress security advisory (AV26-678)]]></title><updated>2026-07-08T20:01:04Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7960" about="/en/alerts-advisories/progress-security-advisory-av26-678" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-678<br /><strong>Date:</strong> July 8, 2026</p>

<p>On July 8, 2026, Progress published security advisories to address vulnerabilities in the following product:</p>

<ul><li>MOVEit Transfer – version 2024.1.8 and prior</li>
	<li>MOVEit Transfer – version 2025.0.0 to 2025.0.7</li>
	<li>MOVEit Transfer – version 2025.1.0 to 2025.1.3</li>
	<li>MOVEit Transfer – version 2026.0.0</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://community.progress.com/s/article/MOVEit-Transfer-Critical-Security-Bulletin-June-2026">MOVEit Transfer Critical Security Bulletin – June 2026 – (CVE-2026-10699, CVE-2026-10698, CVE-2026-11903)</a></li>
	<li><a href="https://www.progress.com/trust-center">Progress Trust Center</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/gitlab-security-advisory-av26-677</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/gitlab-security-advisory-av26-677"/><title><![CDATA[GitLab security advisory (AV26-677)]]></title><updated>2026-07-08T19:04:15Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7959" about="/en/alerts-advisories/gitlab-security-advisory-av26-677" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-677<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 8, 2026, GitLab published a security advisory to address vulnerabilities in the following products:</p>

<ul><li>GitLab Community Edition (CE) – versions prior to 19.1.2, 19.0.4 and 18.11.7</li>
	<li>GitLab Enterprise Edition (EE) – versions prior to 19.1.2, 19.0.4 and 18.11.7</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/?nav=19.1.2 ">GitLab Patch Release: 19.1.2, 19.0.4, 18.11.7</a></li>
	<li><a href="https://about.gitlab.com/releases/categories/releases/">GitLab Releases</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-676</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-676"/><title><![CDATA[Drupal security advisory (AV26-676) ]]></title><updated>2026-07-08T19:00:23Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7958" about="/en/alerts-advisories/drupal-security-advisory-av26-676" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-676<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 8, 2026, Drupal published security updates for multiple products. Included was a critical update for the following:</p>

<ul><li>Location Selector – versions prior to 1.3.0</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates or perform the suggested mitigations.</p>

<ul class="list-unstyled"><li><a href="https://www.drupal.org/sa-contrib-2026-072">Location Selector - Critical - SQL Injection - SA-CONTRIB-2026-072</a></li>
	<li><a href="https://www.drupal.org/security">Drupal Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/juniper-networks-security-advisory-av26-675</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/juniper-networks-security-advisory-av26-675"/><title><![CDATA[Juniper Networks security advisory (AV26-675)]]></title><updated>2026-07-08T17:57:34Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7957" about="/en/alerts-advisories/juniper-networks-security-advisory-av26-675" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-675<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 8, 2026, Juniper Networks published security advisories to address vulnerabilities in the following products:</p>

<ul><li>Juniper cRPD – all versions</li>
	<li>Juniper CTPView – all versions</li>
	<li>Juniper Network Director – versions prior to 7.1R3</li>
	<li>Junos OS – multiple versions</li>
	<li>Junos OS Evolved – all versions</li>
	<li>Junos OS on MX Series with SPC3 and SRX Series – multiple versions</li>
	<li>Junos Space – all versions</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-CTPView-Multiple-vulnerabilities-resolved-in-9-3R2-3-Release">2026-07 Security Bulletin: CTPView: Multiple vulnerabilities resolved in 9.3R2-3 Release</a></li>
	<li><a href="https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-26-1R1-Patch-V1-Release">2026-07 Security Bulletin: Junos Space: Multiple vulnerabilities resolved in 26.1R1 Patch V1 Release</a></li>
	<li><a href="https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-Evolved-URL-handling-vulnerability-in-libfetch-results-in-heap-buffer-overflow-CVE-2020-7450">2026-07 Security Bulletin: Junos OS Evolved: URL handling vulnerability in libfetch results in heap buffer overflow (CVE-2020-7450)</a></li>
	<li><a href="https://supportportal.juniper.net/s/article/2026-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-SNMPv3-request-results-in-memory-leak-and-eventual-snmpd-crash-CVE-2026-33799">2026-07 Security Bulletin: Junos OS and Junos OS Evolved: Receipt of a specific SNMPv3 request results in memory leak and eventual snmpd crash (CVE-2026-33799)</a></li>
	<li><a href="https://supportportal.juniper.net/s/global-search/%40uri#f-sf_primarysourcename=Knowledge">Juniper Support Portal</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/palo-alto-networks-security-advisory-av26-674</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/palo-alto-networks-security-advisory-av26-674"/><title><![CDATA[Palo Alto Networks security advisory (AV26-674)]]></title><updated>2026-07-08T17:34:16Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7956" about="/en/alerts-advisories/palo-alto-networks-security-advisory-av26-674" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-674<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 8, 2026, Palo Alto Networks published security advisories to address vulnerabilities in the following products:</p>

<ul><li>PAN-OS 12.1 – versions prior to 12.1.4-h8</li>
	<li>PAN-OS 12.1 – versions prior to 12.1.7-h2</li>
	<li>PAN-OS 12.1 – versions prior to 12.1.8</li>
	<li>PAN-OS 11.2 – versions prior to 11.2.4-h20</li>
	<li>PAN-OS 11.2 – versions prior to 11.2.7-h18</li>
	<li>PAN-OS 11.2 – versions prior to 11.2.10-h12</li>
	<li>PAN-OS 11.2 – versions prior to 11.2.13</li>
	<li>PAN-OS 11.1 – versions prior to 11.1.4-h35</li>
	<li>PAN-OS 11.1 – versions prior to 11.1.6-h35</li>
	<li>PAN-OS 11.1 – versions prior to 11.1.7.h8</li>
	<li>PAN-OS 11.1 – versions prior to 11.1.10-h30</li>
	<li>PAN-OS 11.1 – versions prior to 11.1.13-h9</li>
	<li>PAN-OS 11.1 – versions prior to 11.1.16</li>
	<li>PAN-OS 10.2 – versions prior to 10.2.7-h36</li>
	<li>PAN-OS 10.2 – versions prior to 10.2.10-h39</li>
	<li>PAN-OS 10.2 – versions prior to 10.2.13-h23</li>
	<li>PAN-OS 10.2 – versions prior to 10.2.16-h9</li>
	<li>PAN-OS 10.2 – versions prior to 10.2.18-h8</li>
	<li>Prisma Access 11.20.0 – versions prior to 11.2.7-h18</li>
	<li>Prisma Access 10.2.0 – versions prior to 10.2.10-h39</li>
	<li>Prisma Browser – versions prior to 149.10.3.53</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations, and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://security.paloaltonetworks.com/PAN-SA-2026-0010">PAN-SA-2026-0010 Chromium: Monthly Vulnerability Update (July 2026)</a></li>
	<li><a href="https://security.paloaltonetworks.com/CVE-2026-0288">CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent</a></li>
	<li><a href="https://security.paloaltonetworks.com/">Palo Alto Network Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/tanium-security-advisory-av26-673</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/tanium-security-advisory-av26-673"/><title><![CDATA[Tanium security advisory (AV26-673)]]></title><updated>2026-07-08T15:50:04Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7955" about="/en/alerts-advisories/tanium-security-advisory-av26-673" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-673<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 7, 2026, Tanium published a security advisory to address a vulnerability in the following products:</p>

<ul><li>Tanium Server 2025H1 Release – versions prior to Update MR21 (v7.7.3.8298)</li>
	<li>Tanium Server 2025H2 Release – versions prior to Update MR11 (v7.8.2.1198)</li>
	<li>Tanium Server 2026H1 Release – versions prior to Update MR3 (v7.8.4.1327)</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://security.tanium.com/TAN-2026-016/">Tanium Security Advisories - TAN-2026-016</a></li>
	<li><a href="https://security.tanium.com/">Tanium Security Advisories</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/n8n-security-advisory-av26-672</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/n8n-security-advisory-av26-672"/><title><![CDATA[n8n security advisory (AV26-672)]]></title><updated>2026-07-08T15:22:10Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7954" about="/en/alerts-advisories/n8n-security-advisory-av26-672" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-672<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 8, 2026, n8n published security advisories to address vulnerabilities in the following product:</p>

<ul><li>n8n – versions prior to 1.123.64</li>
	<li>n8n – versions prior to 2.30.1</li>
	<li>n8n – versions prior to 2.29.8</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p>

<ul class="list-unstyled"><li><a href="https://github.com/n8n-io/n8n/security">n8n Security</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/cyber-n8n-security-advisory-av26-672</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/cyber-n8n-security-advisory-av26-672"/><title><![CDATA[Ubiquiti security advisory (AV26-671)]]></title><updated>2026-07-08T15:16:36Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7953" about="/en/alerts-advisories/cyber-n8n-security-advisory-av26-672" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-671<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 2, 2026, Ubiquiti published a security advisory to address critical vulnerabilities in the following products:</p>

<ul><li>EF-Core – version 5.1.18 and prior</li>
	<li>EFG – version 5.1.15 and prior</li>
	<li>ENVR – version 5.1.15 and prior</li>
	<li>ENVR-Core – version 5.1.15 and prior</li>
	<li>Express 7 – version 5.1.15 and prior</li>
	<li>UCG-Fiber – version 5.1.15 and prior</li>
	<li>UCG-Industrial – version 5.1.15 and prior</li>
	<li>UCG-Max – version 5.1.15 and prior</li>
	<li>UCG-Ultra – version 5.1.15 and prior</li>
	<li>UCK – version 5.1.15 and prior</li>
	<li>UCK-Enterprise – version 5.1.15 and prior</li>
	<li>UCKP – version 5.1.15 and prior</li>
	<li>UDM – version 5.1.15 and prior</li>
	<li>UDM-Beast – version 5.1.15 and prior</li>
	<li>UDM-Pro – version 5.1.15 and prior</li>
	<li>UDM-Pro – version 5.1.15 and prior</li>
	<li>UDM-Pro-Max – version 5.1.15 and prior</li>
	<li>UDM-SE – version 5.1.15 and prior</li>
	<li>UDR – version 5.1.15 and prior</li>
	<li>UDR-5G – version 5.1.15 and prior</li>
	<li>UDR7 – version 5.1.15 and prior</li>
	<li>UDW – version 5.1.15 and prior</li>
	<li>UNAS-2 – version 5.1.16 and prior</li>
	<li>UNAS-4 – version 5.1.16 and prior</li>
	<li>UNAS-Pro – version 5.1.16 and prior</li>
	<li>UNAS-Pro-4 – version 5.1.16 and prior</li>
	<li>UNAS-Pro-8 – version 5.1.16 and prior</li>
	<li>UniFi Access Application – version 4.2.28 and prior</li>
	<li>UniFi Network Application – version 10.3.58 and prior</li>
	<li>UniFi OS Server – version 5.1.15 and prior</li>
	<li>UniFi Protect Application – version 7.1.77 and prior</li>
	<li>UniFi Protect Floodlight – version 1.13.4 and prior</li>
	<li>UniFi Talk Application – version 5.1.2 and prior</li>
	<li>UNVR – version 5.1.15 and prior</li>
	<li>UNVR-G2 – version 5.1.15 and prior</li>
	<li>UNVR-G2-Pro – version 5.1.15 and prior</li>
	<li>UNVR-Instant – version 5.1.15 and prior</li>
	<li>UNVR-Pro – version 5.1.15 and prior</li>
</ul><p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc">Ubiquiti UniFi - Security Advisory Bulletin 066</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670"/><title><![CDATA[Langflow security advisory (AV26-670)]]></title><updated>2026-07-08T13:05:23Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7952" about="/en/alerts-advisories/langflow-security-advisory-av26-670" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-670<br /><strong>Date: </strong>July 8, 2026</p>

<p>On July 7, 2026, Langflow updated a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Langflow – versions prior to 1.9.1</li>
</ul><p>On July 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-55255 to their Known Exploited Vulnerabilities (KEV) Database.</p>

<p class="mrgn-bttm-md">The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.</p>

<ul class="list-unstyled"><li><a href="https://advisories.gitlab.com/pypi/langflow/CVE-2026-55255/">CVE-2026-55255: Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow</a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-55255">CISA KEV: CVE-2026-55255</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647"/><title><![CDATA[Adobe security advisory (AV26-647) – Update 2]]></title><updated>2026-07-07T19:49:45Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7926" about="/en/alerts-advisories/adobe-security-advisory-av26-647" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26–647<br /><strong>Date:</strong> July 2, 2026<br /><strong>Updated:</strong> July 7, 2026</p>

<p>On June 30, 2026, Adobe published security advisories to address critical vulnerabilities in the following products:</p>

<ul><li>Adobe ColdFusion 2025 – Update 9 and prior</li>
	<li>Adobe ColdFusion 2023 – Update 20 and prior</li>
	<li>Adobe Campaign Classic – version ACC v7: 7.4.3 build 9396 and prior</li>
</ul><h2>Update 1</h2>

<p>Open-source reporting indicates that CVE-2026-48282 is being exploited.</p>

<h2>Update 2</h2>

<p>On July 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-48282 to their Known Exploited Vulnerabilities (KEV) Database.</p>

<p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://helpx.adobe.com/security/products/coldfusion/apsb26-68.html">Security update available for Adobe ColdFusion | APSB26-68</a></li>
	<li><a href="https://helpx.adobe.com/security/products/campaign/apsb26-69.html">Security updates available for Adobe Campaign Classic | APSB26-69</a></li>
	<li><a href="https://helpx.adobe.com/security.html">Adobe Security Advisories</a></li>
	<li><a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48282">CISA KEV: CVE-2026-48282</a></li>
</ul><!--CUT & PASTE the French version info --></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-669</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-669"/><title><![CDATA[Google Chrome security advisory (AV26-669)]]></title><updated>2026-07-07T19:47:13Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7951" about="/en/alerts-advisories/google-chrome-security-advisory-av26-669" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-669<br /><strong>Date:</strong> July 7, 2026</p>

<p>On July 7, 2026, Google published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Stable Channel Chrome for Desktop – versions prior to0.7871.100/101 (Windows/Mac), and 150.0.7871.100 (Linux)</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates, when available.</p>

<ul class="list-unstyled"><li><a href="https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop.html" rel="nofollow noopener" target="_blank">Google Chrome Security Advisory</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-668</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-668"/><title><![CDATA[HPE security advisory (AV26-668)]]></title><updated>2026-07-07T19:35:43Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7950" about="/en/alerts-advisories/hpe-security-advisory-av26-668" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number:</strong> AV26-668<br /><strong>Date:</strong> July 7, 2026</p>

<p>On July 7, 2026, HPE published security advisories to address vulnerabilities in multiple products. Included were updates for the following:</p>

<ul><li>HPE Aruba Networking Private 5G Core – 1.26.1.0 and prior</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05077en_us&amp;docLocale=en_US">HPESBNW05077 rev.1 - HPE Networking Private 5G Core, Multiple vulnerabilities</a></li>
	<li><a href="https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US">HPE Security Bulletin Library</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/zimbra-security-advisory-av26-667</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/zimbra-security-advisory-av26-667"/><title><![CDATA[Zimbra security advisory (AV26-667)]]></title><updated>2026-07-07T15:44:00Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7948" about="/en/alerts-advisories/zimbra-security-advisory-av26-667" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-667<br /><strong>Date: </strong>July 7, 2026</p>

<p>On July 7, 2026, Zimbra published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>Zimbra Collaboration Suite (ZCS) Classic Web Client – versions prior to v10.1.19</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://blog.zimbra.com/2026/07/patch-release-update-zimbra-10-1-19/">Patch Release Update: Zimbra 10.1.19</a></li>
	<li><a href="https://blog.zimbra.com/">Zimbra Patch Release Updates</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/django-security-advisory-av26-666</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/django-security-advisory-av26-666"/><title><![CDATA[Django security advisory (AV26-666)]]></title><updated>2026-07-07T15:40:38Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7947" about="/en/alerts-advisories/django-security-advisory-av26-666" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-666<br /><strong>Date:</strong> July 7, 2026</p>

<p>On July 7, 2026, Django published a security advisory to address vulnerabilities in the following products:</p>

<ul><li>Django 5.2 – versions prior to 5.2.16</li>
	<li>Django 6.0 – versions prior to 6.0.7</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://www.djangoproject.com/weblog/2026/jul/07/security-releases/">Django Security Advisory</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/samsung-mobile-security-advisory-av26-665</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/samsung-mobile-security-advisory-av26-665"/><title><![CDATA[Samsung mobile security advisory (AV26-665)]]></title><updated>2026-07-07T15:37:11Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7946" about="/en/alerts-advisories/samsung-mobile-security-advisory-av26-665" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-665<br /><strong>Date:</strong> July 7, 2026</p>

<p>On July 7, 2026, Samsung published a security update to address vulnerabilities in the following product:</p>

<ul><li>Samsung mobile devices – versions prior to SMR-JUL-2026 Release 1</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary update.</p>

<ul class="list-unstyled"><li><a href="https://security.samsungmobile.com/securityUpdate.smsb?year=2026&amp;month=07">Samsung Security Updates</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-664</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-664"/><title><![CDATA[[Control systems] ABB security advisory (AV26-664)]]></title><updated>2026-07-07T15:32:18Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7945" about="/en/alerts-advisories/control-systems-abb-security-advisory-av26-664" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-664<br /><strong>Date: </strong>July 7, 2026</p>

<p>On July 6, 2026, ABB published a security advisory to address vulnerabilities in the following product:</p>

<ul><li>ABB Ability zenon – all versions</li>
	<li>APROL – versions prior to R 4.4-01P5</li>
</ul><p>The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.</p>

<ul class="list-unstyled"><li><a href="https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A7840&amp;LanguageCode=en&amp;DocumentPartId=&amp;Action=Launch">ABB Ability zenon Remote Transport Vulnerability (PDF)</a></li>
	<li><a href="https://br-cws-assets.de-fra-1.linodeobjects.com/SA26P011-661853b7.pdf">Security Issues addressed in APROL R 4.4-01P5 (PDF)</a></li>
	<li><a href="https://global.abb/group/en/technology/cyber-security/alerts-and-notifications">ABB Cyber security alerts and notifications</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-663</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-663"/><title><![CDATA[Broadcom VMware security advisory (AV26-663)]]></title><updated>2026-07-07T15:31:37Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7944" about="/en/alerts-advisories/broadcom-vmware-security-advisory-av26-663" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-633<br /><strong>Date: </strong>July 7, 2026</p>

<p>On July 6, 2026, Broadcom published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:</p>

<ul><li>VMware Tanzu for MySQL on Kubernetes – versions prior to 2.0.4</li>
</ul><p>The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37858">Product Release Advisory - VMware Tanzu for MySQL on Kubernetes 2.0.4</a></li>
	<li><a href="https://support.broadcom.com/web/ecx/security-advisory?segment=VT">Security Advisories - VMware Cloud Foundation</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry><entry><id>https://cyber.gc.ca/en/alerts-advisories/android-security-advisory-july-2026-monthly-rollup-av26-662</id><link rel="alternate" href="https://cyber.gc.ca/en/alerts-advisories/android-security-advisory-july-2026-monthly-rollup-av26-662"/><title><![CDATA[Android security advisory – July 2026 monthly rollup (AV26-662)]]></title><updated>2026-07-07T15:30:22Z</updated><summary><![CDATA[]]></summary><content><![CDATA[<article data-history-node-id="7943" about="/en/alerts-advisories/android-security-advisory-july-2026-monthly-rollup-av26-662" class="cccs-threats full clearfix">

  
    

  
  <div class="content">
      <div class="layout layout--onecol">
    <div  class="layout__region layout__region--content">
      
<div data-block-plugin-id="extra_field_block:node:cccs_threats:links" class="block block-layout-builder block-extra-field-blocknodecccs-threatslinks clearfix">
  
    

      
  </div>

<div data-block-plugin-id="field_block:node:cccs_threats:body" class="block block-layout-builder block-field-blocknodecccs-threatsbody clearfix">
  
    

      
            <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p><strong>Serial number: </strong>AV26-662<br /><strong>Date: </strong>July 7, 2026</p>

<p>On July 6, 2026, Android published a security bulletin to address vulnerabilities affecting Android devices.</p>

<p>The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.</p>

<ul class="list-unstyled"><li><a href="https://source.android.com/docs/security/bulletin/2026/2026-07-01">Android Security Bulletin — July 2026</a></li>
</ul></div>
      
  </div>

    </div>
  </div>

  </div>

</article>
]]></content><author><name><![CDATA[Canadian Centre for Cyber Security]]></name></author></entry></feed>