What you need to know today.
Critical vulnerabilities in firewalls, enterprise servers, and development libraries are highlighted today, with multiple authentication bypass and command injection flaws.
A critical authentication bypass vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows unauthenticated attackers to bypass security controls, potentially leading to unauthorized access. The vulnerability, tracked as CVE-2026-2624, has a CVSS score of 9.8 and a high risk score, indicating a significant threat to organizations relying on this firewall for network protection. Details on specific affected versions and available patches are crucial for immediate remediation.
Two path traversal vulnerabilities and a hard-coded cryptographic key issue in Altium Enterprise Server pose significant risks to users. CVE-2026-11420 allows unauthenticated network attackers to write arbitrary files to the server filesystem and read sensitive packages, while CVE-2026-11414 enables attackers to forge file download URLs due to a shared signing key across all installations. These critical flaws, both with high risk scores, demand urgent attention from Altium customers to prevent data compromise and system manipulation.
The Termix SSH platform is facing scrutiny with multiple critical vulnerabilities disclosed, including CVE-2026-45744 and CVE-2026-45748. The former, a critical OS command injection flaw in the file manager endpoint, and the latter, a critical SSH tunnel command injection vulnerability, both carry CVSS 9.8 ratings and high risk. As reported by Vypr Intelligence, these issues affect Termix versions prior to 2.3.2 and could allow attackers to gain significant control over affected servers.
Honeywell's IQ4x building management controller is susceptible to unauthorized access due to its factory-default configuration, which exposes its full web-based HMI without authentication. This critical vulnerability, CVE-2026-3611, carries a perfect CVSS score of 10.0 and a high risk rating. The lack of user authentication in the default setup means any attacker within reach could potentially gain full administrative control over the building management system, posing a serious security risk.
IBM has released patches for a critical buffer overflow vulnerability in its Aspera High-Speed Transfer Endpoint and Server products. CVE-2026-8175, affecting versions 3.7.4 through 4.4.7 Fix Pack 1, allows for a buffer overflow in the asperahttpd component, potentially leading to code execution or denial of service. This vulnerability was part of a larger patch release detailed by Vypr Intelligence, underscoring the need for prompt patching of IBM products.
Arm Mbed TLS, a widely used TLS implementation, has disclosed two critical vulnerabilities, CVE-2026-34877 and CVE-2026-34875, both with CVSS 9.8 ratings. The first involves insufficient protection of serialized SSL context or session structures, potentially leading to memory corruption, while the second is a buffer overflow in public key export for FFDH keys. These issues affect versions up to 3.6.5 and TF-PSA-Crypto 1.0.0, requiring immediate updates for secure communication.