The Ilevia EVE X1 Server has been found to contain multiple critical vulnerabilities that could allow attackers to execute arbitrary commands, disclose sensitive information, and escalate privileges.

CISA has added two vulnerabilities, CVE-2025-11953 and CVE-2026-24423, to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are actively exploited and pose significant risks to federal enterprises.

The Linux Kernel has a critical integer overflow vulnerability, identified as CVE-2018-14634, which can be exploited by an unprivileged local user to escalate privileges on the system.

CISA has added four new vulnerabilities to its KEV Catalog. These vulnerabilities include improper access control, improper authentication, embedded malicious code, and remote file inclusion, affecting various software products.

Rockwell Automation's Verve Asset Manager has been found to have vulnerabilities that could allow attackers to access sensitive information. These bugs, identified as CVE-2025-14376 and CVE-2025-14377, affect multiple versions of the product.

A critical vulnerability has been identified in the firmware of multiple Festo products, affecting a wide range of devices used in critical manufacturing sectors globally. The vulnerability is tracked as CVE-2022-3270.

A critical vulnerability has been identified in the Hitachi Energy Asset Suite, specifically within the Jasper Report component. This vulnerability, identified as CVE-2025-10492, allows for remote code execution (RCE) attacks.

The Columbia Weather Systems MicroServer is affected by multiple vulnerabilities that could allow attackers to redirect SSH connections, gain admin access to the web portal, and obtain limited shell access.

The vulnerabilities in Mitsubishi Electric Air Conditioning Systems could potentially allow unauthorized access or control over the systems, leading to disruptions in operations and potential safety hazards.

CISA, National Security Agency, and Canadian Centre for Cyber Security have released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples.