Aggregator

法国政府宣布将用本国开发的视频会议平台 Visio 取代美国微软的 Teams 和 Zoom 平台，计划到 2027 年所有政府部门都使用该平台。此举是法国加强数字主权战略的一部分，减少对外国软件供应商——尤其是美国供应商——的依赖，重新控制关键数字基础设施。Visio 已测试一年，有约 4 万用户。

A vulnerability labeled as problematic has been found in Open5GS up to 2.7.6. This vulnerability affects the function sgwc_s5c_handle_modify_bearer_response of the file src/sgwc/s5c-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2026-1522. The attack can be launched remotely. Moreover, an exploit is present. Applying a patch is advised to resolve this issue. The issue report is flagged as already-fixed.

Fortinet has confirmed a critical authentication bypass vulnerability in its FortiCloud SSO feature, actively exploited in the wild under CVE-2026-24858. According to an advisory published on January 27, 2026, the flaw affects FortiOS, FortiManager, FortiAnalyzer, and FortiProxy. With a CVSSv3 score of 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), it stems from improper access control (CWE-288) in the GUI component. […]

The post Fortinet Confirms Critical FortiCloud SSO Vulnerability(CVE-2026-24858) Actively Exploited in the Wild appeared first on Cyber Security News.

France intends to phase out non-European videoconferencing platforms such as Zoom and Microsoft Teams from its public administration, opting instead for a nationally developed solution due to security considerations. Ending the use of paid software licenses is expected to generate significant savings, estimated at about €1 million per year for every 100,000 users who switch from licensed solutions. The government confirmed that the French-made platform Visio will replace existing videoconferencing tools. The platform was developed … More →

The post French government abandons Zoom and Microsoft Teams over security concerns appeared first on Help Net Security.

A vulnerability identified as problematic has been detected in Open5GS up to 2.7.6. This affects the function sgwc_s5c_handle_bearer_resource_failure_indication of the file src/sgwc/s5c-handler.c of the component SGWC. Performing a manipulation results in denial of service. This vulnerability is identified as CVE-2026-1521. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to apply a patch to fix this issue.

Submit #738371 / VDB-343193

A vulnerability categorized as problematic has been discovered in rethinkdb up to 2.4.3. Affected by this issue is some unknown functionality of the component Secondary Index Handler. Such manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-1520. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #738370 / VDB-343192

A vulnerability was found in Hitachi Energy SuprOS up to 9.2.2.0. It has been rated as critical. Affected by this vulnerability is an unknown functionality. This manipulation causes use of default credentials. The identification of this vulnerability is CVE-2025-7740. The attack can only be executed locally. There is no exploit available.

月均4000+漏洞！360发布《2025年度网络安全漏洞分析报告》

Submit #738312 / VDB-343191