CCB Alert is the advisory page of the Centre for Cybersecurity Belgium @CCBbelgium. Use info@ccb.belgium.be for interaction.

Joined August 2009
Warning: 2 Critical Improper Access Control, Path traversal in #PaloAlto #Idira Secrets Manager SaaS, Privileged Session Manager #PSM #CyberArk CVE-2026-45171 #CVE-2026-45177 CVSS: 9.1-8.7 Remote attackers can exploit them to execute arbitrary code and bypass id verification #Patch
Warning: Critical Actively-Exploited in #Oracle #Peoplesoft #CVE-2026-35273 CVSS: 9.8. It can lead to remote code execution #RCE! #Patch #Patch #Patch
Warning: Critical #RCE OS command injection in #Ivanti #Sentry #CVE-2026-10520 CVSS: 10 It has been added to #CISA #KEV list as it's actively exploited. See our advisory: ccb.belgium.be/advisories/wa… #Patch #Patch #Patch

Warning: Fortinet addresses a critical OS command injection vulnerability in FortiSandbox. CVE-2026-25089 CVSS: 9.8. Successful exploitation could result in arbitrary command execution on the affected systems. #PoC exploit is available! #Patch #Patch #Patch
Warning: Splunk has released multiple high and critical vulnerabilities in Splunk Enterprise. CVE-2026-20253 (CVSS 9.8) allows an unauthenticated attacker to create or truncate arbitrary files. CVE-2026-20251 (CVSS 8.8) could allow a low-privileged user to perform #RCE! #Patch
Warning: Palo Alto released security updates to address several vulnerabilities affecting Palo Alto Cortex and PAN-OS. CVE-2026-0274 (CVSS 9.1) is an improper validation of credentials, allowing an unauthenticated attacker to access and modify protected resources. #Patch #Patch
Warning: Critical vulnerability in #Veeam Backup & Replication allows Remote Code Execution (#RCE) on the Backup Server by an authenticated domain user. CVE-2026-44963 CVSS:4.0 9.4. Read our advisory ccb.belgium.be/advisories/wa… and #patch #patch #patch

Warning: High severity stored #XSS vulnerabilities in #VMware Cloud Foundation Operations (also Aria Operations, vSphere Foundation and Telco Cloud Platform). An authenticated attacker can inject scripts to perform administrative actions. support.broadcom.com/web/ecx… #Patch #Patch
Warning: Three critical vulnerabilities in #Jupyter Enterprise Gateway allow unauthenticated Remote Code Execution and full Kubernetes cluster takeover via YAML injection and Server-Side Template Injection. Proof of concept is available orca.security/resources/blog… #RCE #PoC #Patch
Warning: High severity Privilege Escalation vulnerabilities in #Zoom products (Windows & Mobile clients). CVE-2026-53407, CVE-2026-53408 & CVE-2026-53406. zoom.com/en/trust/security-b…, zoom.com/en/trust/security-b… #patch #patch #patch #EoP
Warning: Critical root-level Remote Code Execution and Authentication Bypass vulnerabilities in #Ivanti Sentry before versions R10.5.2, R10.6.2 and R10.7.1. CVE-2026-10520 CVSS:3.1 10 and CVE-2026-10523 CVSS:3.1 9.9. Read our advisory ccb.belgium.be/advisories/wa… and #patch #RCE

#Microsoft has released security patches for 206 vulnerabilities. 33 vulnerabilities were identified as critical and 173 are classified as Important. 3 are 0-day vulnerabilities and none are actively exploited. Patches are available via Patch Tuesday. Time to #patch #patch #patch
Warning: Siemens ProductCERT published four and updated ten advisories. Patches include fixes for Remote Code Execution #RCE and Elevation of Privileges #EoP vulnerabilities in #SINEC #INS. Read the security advisories at siemens.com/cert/advisories/. #Patch #Patch #Patch
Warning: #GoogleChrome released emergency security updates for a 0‑day vulnerability actively exploited in the wild. #CVE-2026-11645 is an out‑of‑bounds memory access in V8 that could allow remote attackers to execute arbitrary code (#RCE). #Patch Patch Patch.
Warning: #SAP has released security updates for 15 vulnerabilities in several of their products, including 4 critical vulnerabilities: #CVE-2026-44748; #CVE-2026-27671; #CVE-2026-40128 and #CVE-2026-22732. Read our advisory here: ccb.belgium.be/advisories/wa… #Patch #Patch #Patch

Warning: Active Exploitation of a critical #Check Point VPN User Authentication Bypass Vulnerability, #CVE-2026-50751. Successful exploitation could allow a remote attacker to establish VPN sessions without valid credentials! ccb.belgium.be/advisories/wa… #Patch #Patch #Patch

Warning: 3 high cross-site scripting #XSS in #VMware Cloud Foundation Operations #CVE-2026-41722 #CVE-2026-41723 #CVE-2026-41724 CVSS: 8.0 A remote attacker with low privileges can exploit them to perform admin actions. #Patch #Patch #Patch
Warning: High Uncontrolled Resource Consumption in #SolarWinds Serv-U #CVE-2026-28318 CVSS: 7.5. It's been actively exploited by unauthenticated remote attackers and there's an available proof-of-concept #PoC. #Patch #Patch #Patch
Warning: Critical Mass Assignment Vulnerability in #MISP. #CVE-2026-10868 CVSS: 9.0. Authenticated attackers can modify other users' account attributes without authorization! Read our advisory ccb.belgium.be/advisories/wa… and #Patch #Patch #Patch

Warning: Critical vulnerabilities in #Gladinet #Triofox. #CVE-2026-8362 #CVE-2026-8363 #CVE-2026-8364 CVSS: 9.8. More info: ccb.belgium.be/advisories/wa… #Patch #Patch #Patch
