New Alerts for Apache Commons and Tomcat, Anthropic, BD, IBM, and Linux.

Apache

Apache Commons FileUpload contains a vulnerability in multi-part file uploads that can cause a DoS.
More info. And here.

Apache Tomcat contains the DoS vulnerability in Commons FileUpload and other vulnerabilities.
More info. And here.

Anthropic

MCP Inspector is vulnerable to RCE due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. CVSSv4 score of 9.4
More info. And here.

BD

BD has published updates for third-party software included in these products: Pyxis, Data Agent, and Care Coordination Engine.
More info.

IBM

IBM has published Critical bulletins for Cloud Pak for Data, Event Processing, Edge Data Collector, MQ Operator and Queue Manager, Db2 products, Robotic Process Automation, Security QRadar EDR, PowerVC, Security Guardium, API Connect, and DataPower Gateway.
More info.

Linux

SUSE has updated the kernel. More info.
OpenSUSE has updated the kernel. More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page


https://radar.securitywizardry.com/

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/mobile-radar.htm

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts