es
Feedback
SysAdmin 24x7

SysAdmin 24x7

Ir al canal en Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Mostrar más
4 386
Suscriptores
-224 horas
-77 días
+630 días
Archivo de publicaciones
CVE-2026-40970: Elasticsearch auto-configuration with an SSL bundle disables TLS hostname verification MEDIUM | APRIL 23, 2026 | CVE-2026-40970 Description When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch server. Affected Spring Products and Versions Spring Boot: 4.0.0 - 4.0.5 Mitigation Users of affected versions should upgrade to the corresponding fixed version. https://spring.io/security/cve-2026-40970

About the security content of iOS 26.4.2 and iPadOS 26.4.2 This document describes the security content of iOS 26.4.2 and iPadOS 26.4.2. Released April 22, 2026 https://support.apple.com/en-us/127002

Oracle Critical Patch Update Advisory - April 2026 https://www.oracle.com/security-alerts/cpuapr2026.html

ASP.NET Core Elevation of Privilege Vulnerability CVE-2026-40372 Security Vulnerability Released: Apr 21, 2026 Impact Elevation of Privilege Max Severity Important Executive Summary Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40372

Post Mortem: axios npm supply chain compromise Are you affected? Check your lockfile: grep -E "axios@(1\.14\.1|0\.30\.4)|plain-crypto-js" package-lock.json yarn.lock 2>/dev/null If anything comes back, treat that machine as compromised: Downgrade to axios@1.14.0 (or 0.30.3 for 0.x users) Delete node_modules/plain-crypto-js/ Rotate every secret, token, and credential on that machine Check your network logs for connections to sfrclak[.]com or 142.11.206.73 on port 8000 If this happened on a CI runner, rotate any secrets that were injected during the affected build If you were already pinned to a clean version and didn't run a fresh install between 00:21 and 03:15 UTC on March 31, you're fine. https://github.com/axios/axios/issues/10636

Supply Chain Compromise Impacts Axios Node Package Manager​ Release DateApril 20, 2026 The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this alert to provide guidance in response to the software supply chain compromise of the Axios node package manager (npm).1 Axios is an HTTP client for JavaScript that developers commonly use in Node.js and browser environments. On March 31, 2026, two npm packages for versions axios@1.14.1 and axios@0.30.4 of Axios npm injected the malicious dependency plain-crypto-js@4.2.1 that downloads multi-stage payloads from cyber threat actor infrastructure, including a remote access trojan. https://www.cisa.gov/news-events/alerts/2026/04/20/supply-chain-compromise-impacts-axios-node-package-manager

Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001 Date: 2026-April-15 Security risk: Critical CVE IDs: CVE-2026-6365 Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which which can lead to a cross-site scripting (XSS) vulnerability. https://www.drupal.org/sa-core-2026-001

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities Advisory ID: cisco-sa-ise-rce-traversal-8bYndVrZ First Published: 2026 April 15 16:00 GMT Version 1.0: Final Cisco Bug IDs: CSCws52717 CSCws52738 CVSS Score: Base 9.9 Vulnerable Products These vulnerabilities affect Cisco ISE and Cisco ISE-PIC, regardless of device configuration https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ

Cisco Identity Services Engine Remote Code Execution Vulnerabilities Advisory ID: cisco-sa-ise-rce-4fverepv First Published: 2026 April 15 16:00 GMT Version 1.0: Final Cisco Bug IDs: CSCwq21242 CSCwq22993 CVSS Score: Base 9.9 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv

Cisco Webex Services Certificate Validation Vulnerability Advisory ID: cisco-sa-webex-cui-cert-8jSZYhWL First Published: 2026 April 15 16:00 GMT Version 1.0: Final Cisco Bug IDs: CSCwt37111 CVSS Score: Base 9.8 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL

Múltiples vulnerabilidades en Identity Exposure de Tenable Fecha 15/04/2026 Importancia 5 - Crítica Recursos Afectados Tenable Identity Exposure, versión 3.77.16 y anteriores. Descripción Tenable ha publicado un aviso donde informa de 19 vulnerabilidades, 1 de severidad crítica, 10 altas, 6 medias y 3 bajas. En caso de ser explotadas podrían permitir la lectura de ficheros sensibles, entre otras acciones. Solución Actualizar el producto a la versión 3.77.17. https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-identity-exposure-de-tenable

Múltiples vulnerabilidades en FortiSandbox Fecha 15/04/2026 Importancia 5 - Crítica Recursos Afectados FortiSandbox 4.4, desde la versión 4.4.0 hasta la 4.4.8. Solo para la vulnerabilidad CVE-2026-39813 también se ve afectado: FortiSandbox 5.0, desde la versión 5.0.0 hasta la 5.0.5. Descripción Samuel de Lucas Maroto de KPMG Spain y Loic Pantano de Fortinet PSIRT han descubierto 2 vulnerabilidades de severidad crítica que, en caso de ser explotadas, podrían permitir a un atacante ejecutar comandos no autorizados o evitar la autenticación en el sistema. https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-fortisandbox

Múltiples vulnerabilidades en productos de Adobe Fecha 15/04/2026 Importancia 4 - Alta Recursos Afectados Acrobat DC, versiones 26.001.21411, 26.001.21367 y anteriores; Acrobat Reader DC, versiones 26.001.21411, 26.001.21367 y anteriores; Acrobat 2024, versión 24.001.30356 y anteriores: Acrobat 2024 Windows, versión 24.001.30362 y anteriores; Acrobat 2024 Mac, versión 24.001.30360 y versiones anteriores; Adobe InDesign, versiones ID21.2, ID20.5.2 y todas las anteriores; Adobe InCopy , versiones 21.2, 20.5.2 y anteriores; Adobe Experience Manager (AEM) Screens, versiones 6.5 Service Pack 24, Feature Pack 11.7 o anteriores; Adobe FrameMaker, actualización de lanzamiento 8 de 2022 y versiones anteriores; Adobe Connect, versión 12.10 y anteriores; Aplicación de escritorio Adobe Connect, versión 2025.3 y anteriores; ColdFusion 2025, actualización 6 y versiones anteriores; ColdFusion 2023, actualización 18 y versiones anteriores; Adobe Bridge, versiones 15.1.4 (LTS), 16.0.2 y anteriores; Photoshop 2026, versión 27.4 y anteriores; Adobe DNG Software Development Kit (SDK), SDK de DNG 1.7.1 compilación 2502 y versiones anteriores; Illustrator 2025, versión 29.8.5 y anteriores; Ilustrador 2026, versión 30.2 y versiones anteriores. https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-en-productos-de-adobe

Múltiples vulnerabilidades en Fusion Desktop de Autodesk Fecha 15/04/2026 Importancia 4 - Alta Recursos Afectados Autodesk Fusion Desktop en la versión 2606.0 y todas las anteriores. Descripción Abdul-lateef Yusuff Goke de Alpha Aquila y Karim Belfodil de qatada han reportado 3 vulnerabilidades de severidad alta que, en caso de explotarse, podrían facilitar a un atacante leer archivos locales o ejecutar código arbitrario. Solución Se recomienda encarecidamente instalar la versión 2702.1.47 o posterior para estar protegido ante estas vulnerabilidades. Para su instalación, consulte el enlace de las referencias. https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-en-fusion-desktop-de-autodesk

Microsoft - April 2026 Security Updates https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr

CVE-2026-34040 Detail Description Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1. https://nvd.nist.gov/vuln/detail/CVE-2026-34040 https://explore.alas.aws.amazon.com/CVE-2026-34040.html https://github.com/moby/moby/releases/tag/docker-v29.3.1

SAML SSO - Service Provider - Critical - Authentication bypass - SA-CONTRIB-2026-031 Project: SAML SSO - Service Provider Date: 2026-April-01 Security risk: Critical Vulnerability: Authentication bypass Affected versions: <3.1.4 CVE IDs: CVE-2026-5343 Description: This module enables you to perform SAML-protocol-based single-sign-on (SSO) on a Drupal site. The module doesn't sufficiently block access, leading to a authentication bypass vulnerability. Solution: Install the latest version: https://www.drupal.org/sa-contrib-2026-031

Product Release Advisory - VMware Tanzu for MySQL on Kubernetes 2.0.2 Advisory ID: TNZ-2026-0257 Severity: Critical Issue Date: 2026-04-02 Synopsis Many critical & high vulnerabilities were found in MySQL for Kubernetes 2.0.1, which is addressed in MySQL for Kubernetes 2.0.2 Product Version Release Advisory VMware Tanzu for MySQL on Kubernetes https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37340

DSA-6197-1 Name: DSA-6197-1 Description: dovecot - security update Source: Debian References: CVE-2025-59031, CVE-2025-59032, CVE-2026-27855, CVE-2026-27856, CVE-2026-27857, CVE-2026-27858, CVE-2026-27859 Vulnerable and fixed packages The table below lists information on source packages. Source Package Release Version Status dovecot (PTS) bookworm 1:2.3.19.1+dfsg1-2.1+deb12u1 vulnerable bookworm (security) 1:2.3.19.1+dfsg1-2.1+deb12u2 fixed trixie 1:2.4.1+dfsg1-6+deb13u3 vulnerable trixie (security) 1:2.4.1+dfsg1-6+deb13u4 fixed https://security-tracker.debian.org/tracker/DSA-6197-1