Vulnerabilites critiques — 4 Juillet 2026

Le Centre de Reponse aux Incidents de Securite Informatique (CIRT.cm) alerte les organisations camerounaises sur des vulnerabilites critiques identifiees recemment dans le cyberespace. Ces failles, pour certaines deja exploitees dans la nature, requerrent une attention immediate.

Cette alerte couvre les publications de la semaine du 4 Juillet 2026, incluant les avis du NIST et du CISA KEV.


CVE critiques identifiees

CVE Score CVSS Description Correctif
CVE-2026-8655 9.8 — Critique Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Ora Appliquer le correctif disponible
CVE-2026-14241 9.8 — Critique Memory safety bugs present in Firefox 152.0.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary c Appliquer le correctif disponible
CVE-2026-11720 9.1 — Critique A path traversal vulnerability exists in the HTTP tool URL builder of googleapis/mcp-toolbox.

When constructing downstream API requests, the URL builder substitutes user-controlled pathParams into th

Appliquer le correctif disponible
CVE-2026-7663 9.1 — Critique IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streama Appliquer le correctif disponible
CVE-2026-11714 8.5 — Eleve IBM WebSphere Application Server – Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled. Appliquer le correctif disponible

Actions recommandees

  1. Appliquer les correctifs de securite pour toutes les CVE listees.
  2. Activer l’authentification multi-facteurs (MFA) sur tous les acces critiques.
  3. Surveiller les connexions HTTPS/SSH sortantes inhabituelles.
  4. Mettre a jour les navigateurs vers les dernieres versions.
  5. Signaler tout incident a incidents@cirt.antic.cm ou au numero vert 8202.

Sources : NVD NIST, CISA KEV
Reference CIRT : CIRT-AL-2026-07-04

By CIRT-CM

Leave a Reply

Your email address will not be published. Required fields are marked *