April 14, 2026-KB5084067 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2

April 14, 2026-KB5084067 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 Revised April 22, 2026: Revised on April 22nd, 2026 to add the known issue section. Release Date: April 14, 2026 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes t...

April 14, 2026-KB5084066 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019

April 14, 2026-KB5084066 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019 Release Date: April 14, 2026 Version: .NET Framework 3.5, 4.7.2 and 4.8 Summary This article describes the security and cumulative update for 3.5, 4.7.2 and 4.8 fo...

April 14, 2026-KB5084071 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022

April 14, 2026-KB5084071 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022 Release Date: April 14, 2026 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows Server 2022. Securi...

April 14, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5084069)

April 14, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB5084069 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...

CVE-2026-34069 nimiq-consensus panics via RequestMacroChain micro-block locator

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

CVE-2026-34069 nimiq-consensus panics via RequestMacroChain micro-block locator

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

CVE-2026-34069

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

CVE-2026-34069

CVE-2026-34069 affects the Rust implementation of Nimiq’s PoS consensus (nimiq/core-rs-albatross). In versions 1.2.2 and earlier, an unauthenticated p2p peer can trigger a panic in the RequestMacroChain message handler when the first locator hash on the victim’s main chain is a micro block hash (...

Security Bulletin: IBM i is Affected by Security Control Bypass and Uncontrolled Resource Consumption Vulnerabilities in IBM Java SDK and IBM Java Runtime [CVE-2026-21925, CVE-2026-21933, CVE-2026-21932, CVE-2026-21945]

Summary IBM SDK Java Technology Edition and IBM Runtime Environment Java used by IBM i to support the building and running of Java applications are vulnerable to denial-of-service CVE-2026-21945 and bypassing security controls to read and change data CVE-2026-21932, CVE-2026-21933, CVE-2026-21925...

Security Bulletin: vulerability in IBM Spectrum Symphony with spring framework

Summary vulerability in IBM Spectrum Symphony with spring framework Vulnerability Details CVEID:CVE-2024-38820 DESCRIPTION: The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could...

Security Bulletin: vulerability in IBM Spectrum Symphony with IBM WebSphere Application Server Liberty

Summary vulerability in IBM Spectrum Symphony with IBM WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass...

Security Bulletin: Vulerability in IBM Spectrum Symphony with OpenSSL

Summary Vulerability in IBM Spectrum Symphony with OpenSSL Vulnerability Details CVEID:CVE-2024-13176 DESCRIPTION: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDS...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pyasn1-0.6.1.tar.gz

Summary IBM Watson Discovery Cartridge affected by vulnerability in pyasn1-0.6.1.tar.gz Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed...

CVE-2026-32605

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.numvalidators...

Note Mark: Username Enumeration via Login Endpoint Timing Side-Channel

Summary A timing side-channel in the login endpoint allows unauthenticated attackers to determine whether a username exists by measuring response time differences. Requests for valid usernames take noticeably longer because the server performs bcrypt password verification, while requests for...

GHSA-W6M9-39CV-2FWP Note Mark: Username Enumeration via Login Endpoint Timing Side-Channel

Summary A timing side-channel in the login endpoint allows unauthenticated attackers to determine whether a username exists by measuring response time differences. Requests for valid usernames take noticeably longer because the server performs bcrypt password verification, while requests for...

CVE-2026-32605 Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.numvalidators...

CVE-2026-32605

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.numvalidators...

EUVD-2026-22061

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.numvalidators...

CVE-2026-32605 Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.numvalidators...