[TLP:CLEAR] Prehľad zaujímavých zraniteľností
nižšie uvádzame prehľad zaujímavých zraniteľností, ktorým sme sa bližšie nevenovali: Gitea verziou 1.26.4 opravuje 1 kritickú zraniteľnosť [1]. Jetty verziami 9.4.61, 12.0.36, 12.1.10, 9.4.63, 10.0.31, 11.0.31 opravuje 4 zraniteľnosti [2][3][4][5]. Mozilla Firefox verziami 152.0.6 a 152.4 opravuje 3 zraniteľnosti [6][7]. Veeam Backup & Replication verziou 12.3.0.65 opravuje 1 zraniteľnosť v komponente Veeam Updater [8]. Apache OpenMeetings verziou 9.1.0 opravuje 1 zraniteľnosť [9]. HPE Telco Intelligent Assurance, HPE Compute Scale-up Server 3200 a 3250 opravuje 14 zraniteľností [10][11]. Red Hat opravuje 4 zraniteľnosti v produktoch OpenShift GitOps [12][13][14] a Red Hat Enterprise Linux [15]. Acronis Cyber Infrastructure verziou 7.3 build 7.3.1-60 opravuje 7 zraniteľností v produktoch tretích strán [16][17][18]. Dnsmasq verziou 6.6.2 opravuje 6 zraniteľností, z toho jedna je potenciálne RCE [19][20]. F5 opravuje 10 zraniteľností v produktoch NGINX [21][22][23][24][25][26][27][28][29][30]. Drupal verziami 11.4.4 a 11.3.14 opravuje 2 zraniteľnosti [31][32]. Google Chrome/Chromium verziami 150.0.7871.124/.125 pre Windows a Mac, a verziou 150.0.7871.124 pre Linux opravuje 15 zraniteľností, z toho 2 kritické [33]. Adobe opravuje 88 zraniteľností v produktoch ColdFusion [34], Commerce [35] a Experience Manager [36] a Illustrator [37]. RabbitMQ verziami 4.2.6, 4.1.11, 4.0.20 a 3.13.15 opravuje 2 zraniteľnosti [38][39]. Dell v produktoch PowerProtect Data Manager [40], Storage Resource Manager (SRM) [41], Dell Storage Monitoring and Reporting (SMR) [41], SmartFabric Manager [42], ThinOS 10 [43], iDRAC9 [44] a PowerEdge Server pre OpenSSL [45] opravuje niekoľko zraniteľností. VMware Avi Load Balancer verziami 32.1.2, 31.2.2-2-p3 a 30.2.7 opravuje 7 zraniteľností, z toho jednu kritickú [46]. 7-Zip verziou 26.02 opravuje 1 zraniteľnosť [47]. Grafana opravuje 2 zraniteľnosti v produktoch Grafana MCP a Loki [48][49]. Microsoft opravuje 4 zraniteľnosti v produktoch SharePoint Server, Windows Terminal, Windows Admin Center a Windows Backup Engine [50][51][52][53]. Mattermost Desktop verziami 6.3, 6.2.1 a 5.13.7 opravuje 2 zraniteľnosti [54][55].
Odkazy
- [1] https://github.com/go-gitea/gitea/security/advisories/GHSA-f75j-4cw6-rmx4
- [2] https://github.com/jetty/jetty.project/security/advisories/GHSA-7p3p-8qv8-m2vh
- [3] https://github.com/jetty/jetty.project/security/advisories/GHSA-f4v5-65jj-pcr2
- [4] https://github.com/jetty/jetty.project/security/advisories/GHSA-2fvj-hgj9-j2gr
- [5] https://github.com/jetty/jetty.project/security/advisories/GHSA-w7x5-g22v-xqhr
- [6] https://www.mozilla.org/en-US/security/advisories/mfsa2026-67/
- [7] https://www.mozilla.org/en-US/security/advisories/mfsa2026-66/
- [8] https://www.veeam.com/kb4879
- [9] https://nvd.nist.gov/vuln/detail/CVE-2026-49488
- [10] https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05076en_us&docLocale=en_US
- [11] https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf05079en_us&docLocale=en_US
- [12] https://access.redhat.com/security/cve/cve-2026-15584
- [13] https://access.redhat.com/security/cve/cve-2026-62147
- [14] https://access.redhat.com/security/cve/cve-2026-15416
- [15] https://access.redhat.com/security/cve/cve-2026-12478
- [16] https://security-advisory.acronis.com/advisories/SEC-11541
- [17] https://security-advisory.acronis.com/advisories/SEC-11542
- [18] https://security-advisory.acronis.com/advisories/SEC-11267
- [19] https://github.com/pi-hole/FTL/releases/tag/v6.6.2
- [20] https://www.zerodayinitiative.com/advisories/ZDI-26-441/
- [21] https://my.f5.com/manage/s/article/K000162282
- [22] https://my.f5.com/manage/s/article/K000161800
- [23] https://my.f5.com/manage/s/article/K000162100
- [24] https://my.f5.com/manage/s/article/K000161837
- [25] https://my.f5.com/manage/s/article/K000162097
- [26] https://my.f5.com/manage/s/article/K000161971
- [27] https://my.f5.com/manage/s/article/K000162231
- [28] https://my.f5.com/manage/s/article/K000162098
- [29] https://my.f5.com/manage/s/article/K000161834
- [30] https://my.f5.com/manage/s/article/K000162101
- [31] https://www.drupal.org/sa-core-2026-012
- [32] https://www.drupal.org/sa-core-2026-011
- [33] https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_0353146366.html
- [34] https://helpx.adobe.com/in/security/products/coldfusion/apsb26-82.html
- [35] https://helpx.adobe.com/in/security/products/magento/apsb26-73.html
- [36] https://helpx.adobe.com/in/security/products/experience-manager/apsb26-74.html
- [37] https://helpx.adobe.com/security/products/illustrator/apsb26-79.html
- [38] https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-pj24-8j6m-vq9q
- [39] https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-9q2j-2hq8-22r2
- [40] https://www.dell.com/support/kbdoc/cs-cz/000488847/dsa-2026-287-security-update-dell-powerprotect-data-manager-for-multiple-security-vulnerabilities
- [41] https://www.dell.com/support/kbdoc/cs-cz/000488837/dsa-2026-311-dell-storage-resource-manager-srm-and-dell-storage-monitoring-and-reporting-smr-security-update-for-multiple-third-party-component-vulnerabilities
- [42] https://www.dell.com/support/kbdoc/cs-cz/000489671/dsa-2026-317-security-update-for-dell-smartfabric-manager-multiple-third-party-component-vulnerabilities
- [43] https://www.dell.com/support/kbdoc/cs-cz/000489640/dsa-2026-300-security-update-for-dell-thinos-10-for-multiple-vulnerabilities
- [44] https://www.dell.com/support/kbdoc/cs-cz/000489193/dsa-2026-312-security-update-for-dell-idrac9-vulnerabilities
- [45] https://www.dell.com/support/kbdoc/cs-cz/000489258/dsa-2026-316-security-update-for-dell-poweredge-server-for-openssl-vulnerabilities
- [46] https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37926
- [47] https://www.zerodayinitiative.com/advisories/ZDI-26-444/
- [48] https://grafana.com/security/security-advisories/cve-2026-15583/
- [49] https://grafana.com/security/security-advisories/cve-2026-21729/
- [50] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-62826
- [51] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59117
- [52] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58643
- [53] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58598
- [54] https://nvd.nist.gov/vuln/detail/CVE-2026-9602
- [55] https://nvd.nist.gov/vuln/detail/CVE-2026-8075
Za CESNET-CERTS Henrieta Paločková dňa 17. 7. 2026.