
The digital town square for the concert band community.

Connect with local ensembles, trade repertoire insights, and keep the pulse of the wind band world.

  • 0 Votes
    1 Posts
    0 Views
    BeyondMachines :verified:
    Researchers Report RCE Vulnerabilities in PostgreSQL and MariaDB

    Researchers uncovered critical RCE vulnerabilities in PostgreSQL and MariaDB, including 20-year-old heap buffer overflows in core extensions and JSON validation logic. The flaws allow authenticated users to escalate privileges and execute arbitrary OS commands, affecting a vast majority of cloud-hosted database environments.

    **Make sure your PostgreSQL and MariaDB databases are isolated from the internet and accessible only from trusted networks. Then update PostgreSQL to 18.2, 17.8, 16.12, 15.16, or 14.21 (and MariaDB to 11.4.10 or 11.8.6). Audit user permissions to remove any unnecessary CREATE or FILE privileges.**

    #cybersecurity #infosec #advisory #vulnerability
    https://beyondmachines.net/event_details/researchers-report-rce-vulnerabilities-in-postgresql-and-mariadb-k-g-q-6-j/gD2P6Ple2L
  • 0 Votes
    1 Posts
    0 Views
    packet storm
    Debian Security Advisory 6239-1 https://packetstorm.news/files/220195 #advisory
  • 0 Votes
    1 Posts
    0 Views
    BeyondMachines :verified:
    Microsoft Patches Critical CVSS 10.0 SSRF Vulnerability in Entra ID

    Microsoft patched a critical SSRF vulnerability (CVE-2026-35431) in Entra ID Entitlement Management with a CVSS score of 10.0 that allowed unauthenticated spoofing and internal network access. The flaw was fixed server-side, requiring no action from users to secure their environments.

    **No action is needed on your part; Microsoft already fixed this vulnerability on their cloud servers on April 23, 2026. As a good practice, review your Entra ID sign-in and audit logs for any unusual activity from before that date, and ensure multi-factor authentication is enforced for all admin accounts.**

    #cybersecurity #infosec #advisory #vulnerability
    https://beyondmachines.net/event_details/microsoft-patches-critical-cvss-10-0-ssrf-vulnerability-in-entra-id-c-d-3-y-z/gD2P6Ple2L
  • 0 Votes
    1 Posts
    0 Views
    CERT@VDE
    #OT #Advisory VDE-2026-040 CODESYS EtherNetIP - Improper timeout handling

    CODESYS EtherNet/IP is an add-on for the CODESYS Development System that provides a fully integrated EtherNet/IP protocol stack along with diagnostic capabilities. A flaw in the EtherNet/IP adapter protocol stack library results in a vulnerability within the generated application code. When an EtherNet/IP adapter is configured, this vulnerable protocol stack is downloaded to and executed by CODESYS Control runtime systems.

    #CVE CVE-2026-35225
    https://certvde.com/en/advisories/vde-2026-040/
    #oCSAF #CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-04_vde-2026-040.json
  • 0 Votes
    1 Posts
    0 Views
    BeyondMachines :verified:
    Critical RCE Vulnerability in SGLang AI Framework via Malicious GGUF Models

    SGLang disclosed a critical RCE vulnerability CVE-2026-5760 caused by unsandboxed Jinja2 template rendering in its reranking endpoint. Attackers can exploit this by tricking users into loading malicious GGUF model files that run arbitrary Python code.

    **If you run SGLang for serving LLMs, treat it as unsafe right now: restrict the API to trusted internal networks only, run it in a non-privileged container, and do not load any GGUF models from public repositories like Hugging Face until the maintainers release a patch. As a temporary fix, have your team manually patch the source to use Jinja2's ImmutableSandboxedEnvironment instead of the default environment.**

    #cybersecurity #infosec #advisory #vulnerability
    https://beyondmachines.net/event_details/critical-rce-vulnerability-in-sglang-ai-framework-via-malicious-gguf-models-l-4-1-8-t/gD2P6Ple2L
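The difference between Jinja2's default `Environment` and `ImmutableSandboxedEnvironment` that the post's temporary fix relies on, shown as an added example (this is not SGLang's code, and it does not reproduce the SGLang reranking endpoint). The attacker template and the benign chat-style template are constructed for the demo; the attack path it uses is the generic Jinja2 one of walking from a built-in global to the `os` module, which the default environment allows and the sandbox refuses. It needs the `jinja2` package installed.

```python
"""Unsandboxed vs sandboxed Jinja2 rendering of an untrusted template.

Added example, not SGLang's own code. It shows why rendering a template
taken from an untrusted model file with the default jinja2.Environment is
equivalent to executing attacker-supplied Python, and that
ImmutableSandboxedEnvironment refuses the same template. The template
strings and message list below are constructed for this example.
"""
import os
from typing import Any, Dict

try:
    from jinja2 import Environment
    from jinja2.exceptions import TemplateRuntimeError
    from jinja2.sandbox import ImmutableSandboxedEnvironment
    HAVE_JINJA2 = True
except ImportError:  # jinja2 is a third-party package; the demo needs it
    HAVE_JINJA2 = False

# Constructed attacker template. `cycler` is a built-in Jinja2 global; its
# __init__.__globals__ is the namespace of the jinja2.utils module, which
# imports os. From there any OS-level function can be called.
MALICIOUS_TEMPLATE = "{{ cycler.__init__.__globals__.os.getcwd() }}"

# Constructed benign chat-style template of the kind a model file legitimately carries.
BENIGN_TEMPLATE = "{% for m in messages %}[{{ m.role }}] {{ m.content }} {% endfor %}"

SAMPLE_MESSAGES = [
    {"role": "user", "content": "hello"},
    {"role": "assistant", "content": "hi"},
]


def render_unsandboxed(template_source: str, **context: Any) -> str:
    """Render with the default Environment: no restriction on attribute access."""
    return Environment().from_string(template_source).render(**context)


def render_sandboxed(template_source: str, **context: Any) -> Dict[str, Any]:
    """Render with ImmutableSandboxedEnvironment.

    The sandbox rejects access to private/dunder attributes and function
    internals by raising jinja2.sandbox.SecurityError (a TemplateRuntimeError).
    Returns {"ok": True, "output": str} or {"ok": False, "error": <class name>}.
    """
    env = ImmutableSandboxedEnvironment()
    try:
        output = env.from_string(template_source).render(**context)
    except TemplateRuntimeError as exc:
        return {"ok": False, "error": type(exc).__name__, "detail": str(exc)}
    return {"ok": True, "output": output}


if __name__ == "__main__":
    if not HAVE_JINJA2:
        raise SystemExit("install jinja2 to run this demo")
    print("default env, attacker template  :", render_unsandboxed(MALICIOUS_TEMPLATE))
    print("sandboxed env, attacker template:", render_sandboxed(MALICIOUS_TEMPLATE))
    print("sandboxed env, benign template  :",
          render_sandboxed(BENIGN_TEMPLATE, messages=SAMPLE_MESSAGES))
```

The unsandboxed call returns the server's working directory, proving the template reached `os`; the sandboxed call returns `{"ok": False, "error": "SecurityError", ...}` and the benign template still renders normally. The sandbox is a mitigation, not a substitute for refusing untrusted model files: it only constrains what the template language can reach, so keep the network and container restrictions from the post in place as well.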
  • 0 Votes
    1 Posts
    0 Views
    CERT@VDE
    #OT #Advisory VDE-2026-032 Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW

    The display unit of the Endress+Hauser MCS200HW is affected by a sudo chroot vulnerability.

    #CVE CVE-2025-32463
    https://certvde.com/en/advisories/vde-2026-032/
    #CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-032.json
  • 0 Votes
    1 Posts
    0 Views
    BeyondMachines :verified:
    Critical Remote Code Execution Vulnerability Discovered in Protobuf.js Library

    Protobuf.js patched a critical remote code execution vulnerability (CVE-2026-41242) caused by unsafe dynamic code generation when processing malicious protobuf schemas. The flaw allows attackers to execute arbitrary JavaScript code on servers or developer machines, potentially exposing sensitive credentials and enabling lateral movement.

    **If your applications use protobuf.js (or libraries like gRPC, Firebase, or Google Cloud SDKs), update protobuf.js to version 8.0.1 or 7.5.5 ASAP. Run npm audit to catch hidden dependencies. Going forward, only load schemas you control and prefer precompiled static schemas in production to avoid this class of attack entirely.**

    #cybersecurity #infosec #advisory #vulnerability
    https://beyondmachines.net/event_details/critical-remote-code-execution-vulnerability-discovered-in-protobuf-js-library-o-k-k-y-h/gD2P6Ple2L
  • 0 Votes
    1 Posts
    0 Views
    packet storm
    Ubuntu Security Notice USN-8185-1 https://packetstorm.news/files/219105 #advisory
  • 0 Votes
    1 Posts
    0 Views
    BeyondMachines :verified:
    GitHub Webhook Secret Exposure: Some Secrets Inadvertently Leaked in HTTP Headers Between September 2025 and January 2026

    A bug in GitHub's new webhook delivery platform (active Sept 2025–Jan 2026) inadvertently exposed webhook secrets in an HTTP header, potentially allowing attackers who obtained them to forge GitHub webhook payloads. GitHub has notified affected owners and urged them to immediately rotate their webhook secrets, purge any logs containing the exposed headers, and verify HMAC signature validation.

    **If you received a notification from GitHub about this webhook secret exposure, rotate your affected webhook secrets immediately and purge any HTTP request header logs on your receiving systems that may contain the leaked secrets. After rotating, verify that your endpoint is properly validating the X-Hub-Signature-256 header with the new secret to prevent forged payloads. If you are using CircleCI, check their advisory as well.**

    #cybersecurity #infosec #advisory #vulnerability
    https://beyondmachines.net/event_details/github-webhook-secret-exposure-incident-secrets-inadvertently-leaked-in-http-headers-between-september-2025-and-january-2026-l-j-3-7-t/gD2P6Ple2L
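The receiver-side check the post asks you to verify after rotation, as an added example (not GitHub's or CircleCI's code). GitHub signs each delivery with HMAC-SHA256 over the raw request body under the webhook secret and sends `sha256=<hex>` in `X-Hub-Signature-256`; the receiver recomputes that over the exact bytes it received and compares in constant time. The secrets, the delivery body and the header dictionaries below are constructed for the example. It goes slightly beyond the post in also showing the two ways such checks usually go wrong in practice: still accepting the old secret, and verifying over re-serialized JSON instead of the raw body.

```python
"""Receiver-side validation of GitHub's X-Hub-Signature-256 header.

Added example, not GitHub's or CircleCI's code. GitHub signs each delivery
with HMAC-SHA256 over the raw request body using the webhook secret and
sends the result as "sha256=<hex>" in X-Hub-Signature-256. After rotating a
secret, the receiver must verify with the new one and reject anything
signed with the old (possibly leaked) value. Secrets, body and headers
below are constructed for this example.
"""
import hashlib
import hmac
import json
from typing import Mapping, Optional

HEADER = "X-Hub-Signature-256"

# Constructed secrets: the one that may have leaked, and its replacement.
OLD_SECRET = "leaked-secret-rotate-me"
NEW_SECRET = "fresh-secret-after-rotation"

# Constructed delivery body, as the raw bytes GitHub would put on the wire.
SAMPLE_BODY = b'{"action":"opened","number":42,"repository":{"full_name":"org/repo"}}'


def sign_payload(secret: str, body: bytes) -> str:
    """Header value GitHub would send for `body` under `secret`."""
    mac = hmac.new(secret.encode("utf-8"), body, hashlib.sha256)
    return "sha256=" + mac.hexdigest()


def verify_signature(secret: str, body: bytes, header_value: Optional[str]) -> bool:
    """True only if header_value is the HMAC-SHA256 of body under secret.

    compare_digest keeps the comparison constant-time so an attacker cannot
    learn the correct signature byte by byte from response timing. Both sides
    are compared as bytes so a non-ASCII header cannot make it raise.
    """
    if not header_value or not header_value.startswith("sha256="):
        return False
    expected = sign_payload(secret, body).encode("utf-8")
    return hmac.compare_digest(expected, header_value.encode("utf-8"))


def handle_delivery(secret: str, headers: Mapping[str, str], raw_body: bytes) -> dict:
    """Minimal receiver: verify over the raw bytes first, parse JSON only afterwards."""
    if not verify_signature(secret, raw_body, headers.get(HEADER)):
        return {"status": 401, "reason": "signature missing or invalid"}
    event = json.loads(raw_body)
    return {"status": 200, "action": event.get("action"), "number": event.get("number")}


def reserialized(body: bytes) -> bytes:
    """Common mistake: verifying over re-serialized JSON instead of the raw body.

    json.dumps does not reproduce GitHub's byte-exact encoding, so the HMAC
    of this value never matches the header even with the right secret.
    """
    return json.dumps(json.loads(body)).encode("utf-8")


if __name__ == "__main__":
    genuine = {HEADER: sign_payload(NEW_SECRET, SAMPLE_BODY)}
    forged = {HEADER: sign_payload(OLD_SECRET, SAMPLE_BODY)}  # signed with the leaked secret
    print("new secret, genuine :", handle_delivery(NEW_SECRET, genuine, SAMPLE_BODY))
    print("old secret, forged  :", handle_delivery(NEW_SECRET, forged, SAMPLE_BODY))
    print("no header           :", handle_delivery(NEW_SECRET, {}, SAMPLE_BODY))
    print("re-serialized body  :",
          verify_signature(NEW_SECRET, reserialized(SAMPLE_BODY), genuine[HEADER]))
```

Once the new secret is configured on the GitHub side, a delivery signed with the old one must come back 401; if your receiver still accepts it, the rotation has not actually taken effect on that endpoint. The last line of the demo is the other check worth running against your own code: if verification only passes on the raw body and fails on re-serialized JSON, the receiver is hashing the right thing.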