FREE DIAGNOSTIC

HPE security advisory (AV26-633)
Serial number:AV26-633
Date:June 25, 2026

On June 25, 2026, HPE published a security advisory to address a critical vulnerability in the following product:

HPE Telco Service Orchestrator – versions prior to v5.6.1

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

HPESBNW05070 rev.1 - HPE Telco Service Orchestrator Software, Multiple Vulnerabilities

HPE Security Bulletin Library
HPE security advisory (AV26-632)
Serial number:AV26-632
Date:June 25, 2026

On June 24, 2026, HPE published a security advisory to address a vulnerability in the following product:

HPE Unified Correlation Analyzer (UCA) – versions prior to 4.4.10

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

HPESBNW05073 rev.1 - HPE Telco Unified Correlation and Automation (UCA), Multiple Vulnerabilities

HPE Security Bulletin Library
Drupal security advisory (AV26-631)
Serial number:AV26-631
Date: June 25, 2026

On June 24, 2026, Drupal published security advisories to address vulnerabilities in a number of products. Included were critical updates for the following:

Geolocation Field – versions prior to 3.15.0

WissKI – versions prior to 4.2.0

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates or perform the suggested mitigations.

Geolocation Field - Critical - SQL Injection - SA-CONTRIB-2026-062

WissKI - Critical - Access bypass - SA-CONTRIB-2026-059

Drupal Security Advisories
GitLab security advisory (AV26-630)
Serial number: AV26-630
Date: June 24, 2026

On June 24, 2026, GitLab published a security advisory to address vulnerabilities in the following products:

GitLab Community Edition (CE) – versions prior to 19.1.1, 19.0.3 and 18.11.6

GitLab Enterprise Edition (EE) – versions prior to 19.1.1, 19.0.3 and 18.11.6

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

GitLab Patch Release: 19.1.1, 19.0.3, 18.11.6

GitLab Releases
Jenkins security advisory (AV26-629)
Serial number:AV26-629
Date:June 24, 2026

On June 24, 2026, Jenkins published a security advisory to address vulnerabilities in the following products:

Assembla Plugin – versions prior to 1.4

External Workspace Manager Plugin – versions prior to 1.3.2

OWASP ZAP Plugin – versions prior to 1.0.7

Script Security Plugin – versions prior to 1402.v94c9ce464861

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

XXE vulnerability in Assembla Plugin

Path traversal vulnerability in External Workspace Manager Plugin

Builds executed on the Jenkins controller by OWASP ZAP Plugin can lead to RCE

Script security bypass vulnerability in Script Security Plugin

Sandbox bypass vulnerability in Script Security Plugin

Jenkins Security Advisories
n8n security advisory (AV26-628)
Serial number:AV26-628
Date: June 24, 2026

On June 24, 2026, n8n published security advisories to address vulnerabilities in the following product:

n8n – versions prior to 2.28.1

n8n – versions prior to 2.27.4

n8n – versions prior to 1.123.61

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary update.

"Allowed HTTP Request Domains" Restriction Bypass via AI Agents MCP Connector

Prototype Pollution via Workflow Credentials Leads to Unauthenticated User and Project Enumeration

Cross-Issuer Token Exchange Account Binding via Subject-Only Identity Resolution

Shared Credential Header Leak via HTTP Request Pagination Expression

n8n Security

PC Desktops	PC Laptops	iMacs	Macbooks
	Home of the FREE Diagnostic (That's right. It's FREE) In 24 hours you will know the exact issues and cost of repair No work is done unless you approve it! It's not an estimate, it's a set price! All repairs are guaranteed! No appointment necessary (There is a Diagnostic charge for custom builds for component testing)

FREE DIAGNOSTIC

Threats/Scams