SysAdmin 24x7
Computer security news and alerts. Chat and contact: t.me/sysadmin24x7chat
CVE-2026-40970: Elasticsearch auto-configuration with an SSL bundle disables TLS hostname verification
MEDIUM | APRIL 23, 2026 | CVE-2026-40970
Description
When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch server.
Affected Spring Products and Versions
Spring Boot:
4.0.0 - 4.0.5
Mitigation
Users of affected versions should upgrade to the corresponding fixed version.
https://spring.io/security/cve-2026-40970
About the security content of iOS 26.4.2 and iPadOS 26.4.2
This document describes the security content of iOS 26.4.2 and iPadOS 26.4.2.
Released April 22, 2026
https://support.apple.com/en-us/127002
Oracle Critical Patch Update Advisory - April 2026
https://www.oracle.com/security-alerts/cpuapr2026.html
ASP.NET Core Elevation of Privilege Vulnerability
CVE-2026-40372
Security Vulnerability
Released: Apr 21, 2026
Impact: Elevation of Privilege
Max Severity: Important
Executive Summary
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40372
Post Mortem: axios npm supply chain compromise
Are you affected?
Check your lockfile:
grep -E "axios@(1\.14\.1|0\.30\.4)|plain-crypto-js" package-lock.json yarn.lock 2>/dev/null
If anything comes back, treat that machine as compromised:
Downgrade to axios@1.14.0 (or 0.30.3 for 0.x users)
Delete node_modules/plain-crypto-js/
Rotate every secret, token, and credential on that machine
Check your network logs for connections to sfrclak[.]com or 142.11.206.73 on port 8000
If this happened on a CI runner, rotate any secrets that were injected during the affected build
If you were already pinned to a clean version and didn't run a fresh install between 00:21 and 03:15 UTC on March 31, you're fine.
https://github.com/axios/axios/issues/10636
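The lockfile check above as a reusable script, added here as an example (not code from the axios issue or the CISA alert): it scans package-lock.json, yarn.lock and node_modules for the indicators the post-mortem lists. The function names and the sample lockfile in demo() are constructed for this example.

```shell
#!/bin/sh
# Added example, not code from the axios issue or the CISA alert: check a
# project for the indicators the post-mortem lists (axios 1.14.1 / 0.30.4
# and the injected plain-crypto-js dependency). Function names and the
# sample lockfile in demo() are constructed here, not taken from real data.

# Compromised axios releases, as an ERE alternation.
BAD_AXIOS='1\.14\.1|0\.30\.4'

# Return 0 if one lockfile references a compromised axios or plain-crypto-js.
# A bare "version" line is not enough (any package may share it), so match
# the forms that carry the package name: the resolved tarball URL written by
# npm and yarn v1, the "axios@npm:<ver>" resolution of yarn berry, and the
# axios@<ver> spelling from the post's own grep.
scan_lockfile() {
  lock="$1"
  [ -f "$lock" ] || return 1
  grep -Eq "axios/-/axios-($BAD_AXIOS)\.tgz|axios@(npm:)?($BAD_AXIOS)|plain-crypto-js" "$lock"
}

# Return 0 if the project directory shows any indicator: a tainted lockfile
# or the malicious package already present under node_modules.
scan_project() {
  d="$1"; hit=1
  for f in package-lock.json yarn.lock; do
    scan_lockfile "$d/$f" && { echo "indicator in $d/$f"; hit=0; }
  done
  [ -d "$d/node_modules/plain-crypto-js" ] && { echo "plain-crypto-js installed under $d"; hit=0; }
  return $hit
}

# Stand-alone run on a constructed package-lock.json fragment (not real data).
demo() {
  t=$(mktemp -d)
  printf '"node_modules/axios": {\n  "version": "1.14.1",\n  "resolved": "https://registry.npmjs.org/axios/-/axios-1.14.1.tgz"\n}\n' > "$t/package-lock.json"
  scan_project "$t"; rc=$?
  rm -rf "$t"
  return $rc
}

demo
```

Replace the final `demo` call with `scan_project /path/to/repo` to check a real checkout; a zero exit status means at least one indicator was found and the machine should be handled as described above.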
Supply Chain Compromise Impacts Axios Node Package Manager
Release Date: April 20, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this alert to provide guidance in response to the software supply chain compromise of the Axios node package manager (npm) package. Axios is an HTTP client for JavaScript that developers commonly use in Node.js and browser environments.
On March 31, 2026, two npm packages for versions axios@1.14.1 and axios@0.30.4 of Axios npm injected the malicious dependency plain-crypto-js@4.2.1 that downloads multi-stage payloads from cyber threat actor infrastructure, including a remote access trojan.
https://www.cisa.gov/news-events/alerts/2026/04/20/supply-chain-compromise-impacts-axios-node-package-manager
Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001
Date: 2026-April-15
Security risk: Critical
CVE IDs: CVE-2026-6365
Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which can lead to a cross-site scripting (XSS) vulnerability.
https://www.drupal.org/sa-core-2026-001
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Advisory ID: cisco-sa-ise-rce-traversal-8bYndVrZ
First Published: 2026 April 15 16:00 GMT
Version 1.0: Final
Cisco Bug IDs: CSCws52717 CSCws52738
CVSS Score: Base 9.9
Vulnerable Products
These vulnerabilities affect Cisco ISE and Cisco ISE-PIC, regardless of device configuration
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ
Cisco Identity Services Engine Remote Code Execution Vulnerabilities
Advisory ID: cisco-sa-ise-rce-4fverepv
First Published: 2026 April 15 16:00 GMT
Version 1.0: Final
Cisco Bug IDs: CSCwq21242 CSCwq22993
CVSS Score: Base 9.9
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv
Cisco Webex Services Certificate Validation Vulnerability
Advisory ID: cisco-sa-webex-cui-cert-8jSZYhWL
First Published: 2026 April 15 16:00 GMT
Version 1.0: Final
Cisco Bug IDs: CSCwt37111
CVSS Score: Base 9.8
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL
Multiple vulnerabilities in Tenable Identity Exposure
Date: 15/04/2026
Importance: 5 - Critical
Affected Resources
Tenable Identity Exposure, version 3.77.16 and earlier.
Description
Tenable has published an advisory reporting 19 vulnerabilities: 1 of critical severity, 10 high, 6 medium and 3 low. If exploited, they could allow reading of sensitive files, among other actions.
Solution
Update the product to version 3.77.17.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-identity-exposure-de-tenable
Multiple vulnerabilities in FortiSandbox
Date: 15/04/2026
Importance: 5 - Critical
Affected Resources
FortiSandbox 4.4, from version 4.4.0 through 4.4.8.
For CVE-2026-39813 only, the following is also affected:
FortiSandbox 5.0, from version 5.0.0 through 5.0.5.
Description
Samuel de Lucas Maroto of KPMG Spain and Loic Pantano of Fortinet PSIRT have discovered 2 critical-severity vulnerabilities that, if exploited, could allow an attacker to execute unauthorized commands or bypass authentication on the system.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-fortisandbox
Multiple vulnerabilities in Adobe products
Date: 15/04/2026
Importance: 4 - High
Affected Resources
Acrobat DC, versions 26.001.21411, 26.001.21367 and earlier;
Acrobat Reader DC, versions 26.001.21411, 26.001.21367 and earlier;
Acrobat 2024, version 24.001.30356 and earlier;
Acrobat 2024 Windows, version 24.001.30362 and earlier;
Acrobat 2024 Mac, version 24.001.30360 and earlier;
Adobe InDesign, versions ID21.2, ID20.5.2 and all earlier;
Adobe InCopy, versions 21.2, 20.5.2 and earlier;
Adobe Experience Manager (AEM) Screens, versions 6.5 Service Pack 24, Feature Pack 11.7 or earlier;
Adobe FrameMaker, 2022 Release Update 8 and earlier;
Adobe Connect, version 12.10 and earlier;
Adobe Connect desktop application, version 2025.3 and earlier;
ColdFusion 2025, Update 6 and earlier;
ColdFusion 2023, Update 18 and earlier;
Adobe Bridge, versions 15.1.4 (LTS), 16.0.2 and earlier;
Photoshop 2026, version 27.4 and earlier;
Adobe DNG Software Development Kit (SDK), DNG SDK 1.7.1 build 2502 and earlier;
Illustrator 2025, version 29.8.5 and earlier;
Illustrator 2026, version 30.2 and earlier.
https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-en-productos-de-adobe
Multiple vulnerabilities in Autodesk Fusion Desktop
Date: 15/04/2026
Importance: 4 - High
Affected Resources
Autodesk Fusion Desktop version 2606.0 and all earlier.
Description
Abdul-lateef Yusuff Goke of Alpha Aquila and Karim Belfodil of qatada have reported 3 high-severity vulnerabilities that, if exploited, could allow an attacker to read local files or execute arbitrary code.
Solution
It is strongly recommended to install version 2702.1.47 or later to be protected against these vulnerabilities. For installation instructions, see the link in the references.
https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-en-fusion-desktop-de-autodesk
Microsoft - April 2026 Security Updates
https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr
SAP Security Patch Day - April 2026
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/april-2026.html
CVE-2026-34040 Detail
Description
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
https://nvd.nist.gov/vuln/detail/CVE-2026-34040
https://explore.alas.aws.amazon.com/CVE-2026-34040.html
https://github.com/moby/moby/releases/tag/docker-v29.3.1
SAML SSO - Service Provider - Critical - Authentication bypass - SA-CONTRIB-2026-031
Project: SAML SSO - Service Provider
Date: 2026-April-01
Security risk: Critical
Vulnerability: Authentication bypass
Affected versions: <3.1.4
CVE IDs: CVE-2026-5343
Description:
This module enables you to perform SAML-protocol-based single-sign-on (SSO) on a Drupal site.
The module doesn't sufficiently block access, leading to an authentication bypass vulnerability.
Solution:
Install the latest version:
https://www.drupal.org/sa-contrib-2026-031
Product Release Advisory - VMware Tanzu for MySQL on Kubernetes 2.0.2
Advisory ID: TNZ-2026-0257
Severity: Critical
Issue Date: 2026-04-02
Synopsis
Many critical and high vulnerabilities were found in MySQL for Kubernetes 2.0.1; they are addressed in MySQL for Kubernetes 2.0.2.
Product Version Release Advisory
VMware Tanzu for MySQL on Kubernetes
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37340
DSA-6197-1
Name: DSA-6197-1
Description: dovecot - security update
Source: Debian
References: CVE-2025-59031, CVE-2025-59032, CVE-2026-27855, CVE-2026-27856, CVE-2026-27857, CVE-2026-27858, CVE-2026-27859
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package Release Version Status
dovecot (PTS) bookworm 1:2.3.19.1+dfsg1-2.1+deb12u1 vulnerable
bookworm (security) 1:2.3.19.1+dfsg1-2.1+deb12u2 fixed
trixie 1:2.4.1+dfsg1-6+deb13u3 vulnerable
trixie (security) 1:2.4.1+dfsg1-6+deb13u4 fixed
https://security-tracker.debian.org/tracker/DSA-6197-1