Vulnerabilites critiques — 5 Juillet 2026

Le Centre de Reponse aux Incidents de Securite Informatique (CIRT.cm) alerte les organisations camerounaises sur des vulnerabilites critiques identifiees recemment dans le cyberespace. Ces failles, pour certaines deja exploitees dans la nature, requerrent une attention immediate.

Cette alerte couvre les publications de la semaine du 5 Juillet 2026, incluant les avis du NIST et du CISA KEV.


CVE critiques identifiees

CVE Score CVSS Description Correctif
CVE-2026-10560 8.2 — Eleve IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/build_public_tmp/ endpoints that allows an unauthenticated attacker to read build event data or cancel j Appliquer le correctif disponible
CVE-2026-13449 7.6 — Eleve IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerab Appliquer le correctif disponible
CVE-2026-58016 7.5 — Eleve A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a < Appliquer le correctif disponible
CVE-2026-13772 7.5 — Eleve IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ‘s Object Query Language engine resolves attacker-supplied class names via Class.forName() and invokes their constructors with no allow-list at thre Appliquer le correctif disponible
CVE-2026-11541 7.4 — Eleve IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server – Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability. Appliquer le correctif disponible

Actions recommandees

  1. Appliquer les correctifs de securite pour toutes les CVE listees.
  2. Activer l’authentification multi-facteurs (MFA) sur tous les acces critiques.
  3. Surveiller les connexions HTTPS/SSH sortantes inhabituelles.
  4. Mettre a jour les navigateurs vers les dernieres versions.
  5. Signaler tout incident a incidents@cirt.antic.cm ou au numero vert 8202.

Sources : NVD NIST, CISA KEV
Reference CIRT : CIRT-AL-2026-07-05

By CIRT-CM

Leave a Reply

Your email address will not be published. Required fields are marked *