Remote Help

Serial number:AV26-552
Date:June 5, 2026

Between June 2 and 4, 2026, Progress published security advisories to address vulnerabilities in the following products. Included was a critical update for the following:

• Sitefinity CMS and Sitefinity Insight – multiple versions
• Progress Kemp LoadMaster – version GA v7.2.63.1 and prior
• Progress Kemp LoadMaster - version LTSF v7.2.54.17 and prior

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

• Sitefinity Security Advisory for Addressing Security Vulnerabilities CVE-2026-7312, CVE-2026-7198, CVE-2026-7195, CVE-2026-7201, CVE-2026-7313, May 2026
• LoadMaster Critical Security Bulletin – June 2026 – (CVE-2026-8037, CVE-2026-33691)
• Progress Trust Center

Serial number:AV26-551
Date: June 5, 2026

On June 4, 2026, Cisco published a security advisory to address a vulnerability in the following product:

• Cisco Catalyst SD-WAN Manager

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available.

• Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability (CVE-2026-20245)
• Cisco Security Advisories

Serial number:AV26–550
Date:June 4, 2026

On June 1, 2026, Docker published a security advisory to address a vulnerability in the following product:

• Docker Desktop – versions prior to 4.76.0

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Docker Desktop Release Notes
• Docker security announcements

Serial number:AV26-549
Date:June 4, 2026

Between June 2 and 3, 2026, SolarWinds published security advisories to address vulnerabilities in the following products:

• SolarWinds Serv-U – versions prior to 15.5.4 HF1
• SolarWinds Web Help Desk – versions prior to 2026.2

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• SolarWinds Web Help Desk Denial-of-Service Vulnerability (CVE-2026-28299)
• SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability (CVE-2026-28318)
• SolarWinds Security Vulnerabilities

Serial number:AV26-548
Date:June 3, 2026

On June 2, 2026, Broadcom published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• VMware Tanzu GemFire Management Console - versions prior to 1.4.5
• VMware Tanzu Data Lake - versions prior to 4.1.0
• VMware Tanzu for Postgres - versions prior to 18.4.0
• VMware Tanzu for Postgres - versions prior to 17.10.0
• VMware Tanzu for Postgres - versions prior to 16.14.0
• VMware Tanzu for Postgres - versions prior to 15.18.0
• VMware Tanzu for Postgres - versions prior to 14.23.0

The Cyber Centre encourages users and administrators to review the web links provided and apply the necessary updates.

• Product Release Advisory - VMware Tanzu GemFire Management Console
• Product Release Advisory - VMware Tanzu Data Lake 4.1.0
• Product Release Advisory - VMware Tanzu for Postgres 18.4.0, 17.10.0, 16.14.0, 15.18.0, 14.23.0
• Security Advisories - VMware Cloud Foundation

Serial number:AV26-547
Date: June 3, 2026

On June 3, 2026, Cisco published security advisories to address vulnerabilities in multiple products. Included was a critical update for the following:

• Cisco Unified Communications Manager (CM) Release 14 – versions prior to 14SU6
• Cisco Unified Communications Manager (CM) Release 15 – versions prior to 15SU5 (Sep 2026) or COP
• Cisco Unified Communications Manager Session Management Edition (CM SME) release 14 – versions prior to 14SU6
• Cisco Unified Communications Manager Session Management Edition (CM SME) release 15 – versions prior to 15SU5 (Sep 2026) or COP

Cisco has indicated that a proof-of-concept exploit code is available for CVE-2026-20230.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
• Cisco Security Advisories