SysAdmin 24x7


IT security news and alerts. Chat and contact: t.me/sysadmin24x7chat

Buffer overflow in HP Poly Voice products
Date: 02/06/2026
Severity: 5 - Critical
Affected resources: HP Poly VVX with versions earlier than UCS 6.4.8; HP Poly Trio 8300 with versions earlier than UCS 8.1.7; HP Poly Trio 8500 with versions earlier than UCS 7.2.8; HP Poly Trio 8800 with versions earlier than UCS 7.2.8.
Description: Stephen Fewer, of Rapid7, has reported a critical-severity vulnerability that, if exploited, could allow an attacker to execute code remotely, compromising the confidentiality, integrity and availability of the affected systems.
Solution: HP recommends updating the affected devices to the fixed firmware versions published through HP Poly Lens. As an additional mitigation, disabling ICE (Interactive Connectivity Establishment) connectivity is recommended when it is not needed.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/desbordamiento-de-bufer-en-productos-poly-voice-de-hp

Multiple vulnerabilities in HPE Telco Network Function Virtualization Orchestrator
Date: 03/06/2026
Severity:
Affected resources: HPE Telco Network Function Virtualization Orchestrator versions v.7.6.0 and earlier.
Description: HPE has reported 9 vulnerabilities in HPE Telco Network Function Virtualization Orchestrator, including 2 of critical severity, 3 of high severity, 2 of medium severity and 2 of low severity. Successful exploitation of the most critical vulnerabilities could allow an attacker to execute arbitrary code, compromise the confidentiality and integrity of information, or cause denial-of-service conditions on the affected systems.
Solution: Update HPE Telco Network Function Virtualization Orchestrator to version v.7.7.0 or later.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-telco-network-function-virtualization-orchestrator

kb4853 Vulnerability Resolved in Veeam Service Provider Console 9.2.1
Date published: 2026-05-27 | Type: security | Product: Veeam Service Provider Console 9.2; Veeam Service Provider Console 9.1; Veeam Service Provider Console 9
kb4857 List of Security Fixes and Improvements in Veeam Recovery Orchestrator
Date published: 2026-05-27 | Type: article | Product: Veeam Recovery Orchestrator
kb4850 Release Information for Veeam Backup for Microsoft Azure 8.1 Patch 2
Date published: 2026-05-27 | Type: article | Product: Veeam Plug-In for Microsoft Azure 8.1
kb4851 Release Information for Veeam Backup for AWS 10.1
Date published: 2026-05-27 | Type: article | Product: Veeam Plug-In for AWS 10
kb4859 Release Information for Veeam Backup for Google Cloud 7.0.1
Date published: 2026-05-27 | Type: article | Product: Veeam Plug-In for Google Cloud 7
kb4858 List of Security Fixes and Improvements in Veeam ONE
Date published: 2026-05-27 | Type: security | Product: Veeam ONE
kb4852 Vulnerabilities Resolved in Veeam Backup & Replication 13.0.2
Date published: 2026-05-27 | Type: security
kb4856 List of Security Fixes and Improvements in Veeam Service Provider Console
Date published: 2026-05-27 | Type: security | Product: Veeam Service Provider Console 9.2

Oracle Critical Security Patch Update Advisory - May 2026
Description: A Critical Security Patch Update (CSPU) provides targeted, high-priority security fixes in a smaller, more focused format, making them easier to apply with minimal disruption. Critical Security Patch Updates complement Oracle’s existing quarterly cumulative Critical Patch Updates (CPUs). These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. Prior Critical Patch Update and Critical Security Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to Critical Patch Updates, Critical Security Patch Updates, Security Alerts and Bulletins for information about Oracle Security advisories.
https://www.oracle.com/security-alerts/cspumay2026.html

Buffer overflow in NGINX from F5
Date: 25/05/2026
Severity: 5 - Critical
Affected resources: The following products and versions are affected: NGINX Open Source versions earlier than 1.31.1; NGINX Plus versions earlier than 37.0.1.1.
Description: Mufeed VH, of Nebula Security, has reported a critical-severity vulnerability that, if exploited, could allow a remote attacker to cause a denial of service on the NGINX system and, under certain conditions, execute arbitrary code.
Solution: F5 recommends updating the affected products to the following fixed versions: NGINX Open Source 1.31.1 or later; NGINX Plus 37.0.1.1 or later.
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/desbordamiento-de-bufer-en-nginx-en-f5

Improper input validation in the UniFi OS server
Date: 22/05/2026
Severity: 5 - Critical
https://www.incibe.es/incibe-cert/alerta-temprana/avisos/validacion-de-entrada-incorrecta-en-el-servidor-de-unifi-os

Cisco Secure Workload Unauthorized API Access Vulnerability
Advisory ID: cisco-sa-csw-pnbsa-g8WEnuy
First Published: 2026 May 20 16:00 GMT
Version 1.0: Final
Workarounds: No workarounds available
Cisco Bug IDs: CSCwt99942
CVSS Score: Base 10.0
Summary: A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
https://thehackernews.com/2026/05/github-internal-repositories-breached.html

Upcoming highly critical release on May 20, 2026 - PSA-2026-05-18
Date: 2026-May-18
Security risk: Highly critical
Description: There will be a Drupal core security release for all supported branches on May 20, 2026, between 17:00 and 21:00 UTC. (To see this in your local timezone, refer to the Drupal Core Calendar.) The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days.
Supported core versions: Security releases will be provided for all the currently supported branches of Drupal core, which are: 11.3.x, 11.2.x, 10.6.x, 10.5.x. Sites on one of these supported versions should update to the latest patch release for the given branch now in preparation for the security window.
https://www.drupal.org/psa-2026-05-18

K000161027: NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability CVE-2026-42946
Not vulnerable: 1.31.0+, 1.30.1+
Vulnerable: 0.8.42-1.30.0
Security Advisory Description: A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream server may be able to read the memory of the NGINX worker process or restart it. (CVE-2026-42946)
Impact: This vulnerability may allow remote attackers to restart or disclose the memory of the NGINX worker process. There is no control plane exposure; this is a data plane issue only.
https://my.f5.com/manage/s/article/K000161027

K000161131: NGINX ngx_http_proxy_v2_module vulnerability CVE-2026-42926
Security Advisory Description: When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxy_http_version to 2, and also uses proxy_set_body, an attacker may be able to inject frame headers and payload bytes to the upstream peer. (CVE-2026-42926)
Not vulnerable: 1.31.0+, 1.30.1+
Vulnerable: 1.29.4-1.30.0
https://my.f5.com/manage/s/article/K000161131

K000161019: NGINX ngx_http_rewrite_module vulnerability CVE-2026-42945
Date: May 13, 2026
Not vulnerable: 1.31.0+, 1.30.1+
Vulnerable: 1.29.4-1.30.0
Security Advisory Description: NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR) disabled, code execution is possible. (CVE-2026-42945)
https://my.f5.com/manage/s/article/K000161019

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the security vulnerability is tracked as CVE-2026-46300 (CVSS score: 7.8) and is rooted in the Linux kernel's XFRM ESP-in-TCP subsystem. It was discovered by researcher William Bowling of Zellic and the V12 security team. "The vulnerability allows unprivileged local attackers to modify read-only file contents in the kernel page cache and achieve root privileges through a deterministic page-cache corruption primitive," Google-owned Wiz said.
https://thehackernews.com/2026/05/new-fragnesia-linux-kernel-lpe-grants.html

Microsoft Exchange Server Spoofing Vulnerability CVE-2026-42897
Released: May 14, 2026
Impact: Spoofing
Max Severity: Critical
Weakness: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS: 7.5
Executive Summary: Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
Exploitability: The following table provides an exploitability assessment for this vulnerability at the time of original publication.
Publicly disclosed: No
Exploited: Yes
Exploitability assessment: Exploitation Detected
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42897

VMSA-2026-0003: VMware Fusion updates address privilege escalation vulnerability (CVE-2026-41702)
Advisory ID: VMSA-2026-0003
Advisory Severity: Important
CVSSv3 Range: 7.8
Synopsis: VMware Fusion updates address privilege escalation vulnerability (CVE-2026-41702)
Issue date: 2025-05-14
CVE(s): CVE-2026-41702
Impacted Products: VMware Fusion
Introduction: A local privilege escalation vulnerability in VMware Fusion was privately reported to Broadcom. Updates are available to remediate this vulnerability in affected Broadcom products.
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37454

Linux Kernel Vulnerability copy.fail - CVE-2026-31431
IR Number: FG-IR-26-139
Published Date: May 13, 2026
Component: CLI
Severity: High
Discovered: Third-Party Library
Attack Type: Authenticated
Known Exploited: No
CVSSv3 Score: 7.8
Impact: Escalation of privilege
CVE ID: CVE-2026-31431
https://fortiguard.fortinet.com/psirt/FG-IR-26-139

Product Release Advisory - VMware Tanzu GemFire Management Console 1.4.4
Advisory ID: TNZ-2026-0260
Severity: Critical
Issue Date: 2026-05-05
Synopsis: Updated Spring, Tomcat and other libraries along with latest Prometheus version in OCI image with latest Photon image
VMware Tanzu Data Intelligence; VMware Tanzu Data Services Pack; VMware Tanzu Data Suite; VMware Tanzu Gemfire
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37439

CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
CVSS-BT: 9.3
Description: A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.
https://security.paloaltonetworks.com/CVE-2026-0300