Skip to content
Auto-CTI

What has changed?

Comparing 6 May 2026 with the previous day 29 April 2026.

Newly added

18
NEW Vaultwarden
20

CVE-2026-31835

An attacker with only password knowledge can permanently disable WebAuthn 2FA for a user by corrupting backup flags before signature validation—patch immediately to prevent persistent MFA denial.

High EPSS 0%
NEW Vaultwarden
20

CVE-2026-33420

Manager-role users can enumerate all organizational collections and user/group mappings without explicit collection access, enabling targeted credential theft or social engineering against specific teams.

High EPSS 0%
NEW OpenSSL
20

[UPDATE] OpenSSL: Mehrere Schwachstellen

BSI official advisory signals coordinated vulnerability disclosure affecting critical crypto library across DACH infrastructure; patch urgency depends on CVSS/KEV status not provided in this alert.

High
NEW Linux
20

Linux Kernel: Mehrere Schwachstellen

BSI official advisory on multiple kernel flaws affecting Ubuntu deployments; local exploitation path requires access but potential RCE warrants urgent patching review across ESXi hypervisors and Ubuntu guest VMs.

High
NEW Intel
20

[UPDATE] Intel Prozessoren: Mehrere Schwachstellen

BSI formal advisory on Intel processor vulnerabilities signals German federal agency assessment; affects manufacturing environment running Windows Server and virtualized infrastructure.

High
NEW Oracle
0

[UPDATE] Oracle MySQL: Mehrere Schwachstellen

BSI advisory signals multiple MySQL vulnerabilities affecting confidentiality, integrity, and availability; requires patch assessment if MySQL is deployed in non-stated but common manufacturing IT infrastructure.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

0

No changes in this category.

ESC