Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality (CVE-2026-24398, CVE-2026-24472, CVE-2026-24473, CVE-2026-24771)

Summary Node.js module Hono is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported...

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to improper cache control. An attacker can view sensitive information even if they are not logged into the account anymore. Remediation Upgrade leantime/leantime to version 3.3 or higher...

Nextcloud: Sensitive Information Disclosure via Back Button Post Logout on https://apps.nextcloud.com/account/

A cache control vulnerability was identified on the https://apps.nextcloud.com/account/ page. After logging out, sensitive information such as the user's first name, last name, and email address remained accessible by using the browser's back button. This occurred due to improper caching of...