Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms - The Hacker News

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms Ravie LakshmananFeb 11, 2026Patch Tuesday / Vulnerability It's Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. Elsewhere, Adobe released updates for Audition, After Effects, InDesign Desktop, Substance 3D, Bridge, Lightroom Classic, and DNG SDK. The company said it's not aware of in-the-wild exploitation of any of the shortcomings. SAP shipped fixes for two critical-severity vulnerabilities, including a code injection bug in SAP CRM and SAP S/4HANA (CVE-2026-0488, CVSS score: 9.9) that an authenticated attacker could use to run an arbitrary SQL statement and lead to a full database compromise. The second critical vulnerability is a case of a missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform (CVE-2026-0509, CVSS score: 9.6) that could permit an authenticated, low-privileged user to perform certain background Remote Function Calls without the required S_RFC authorization. "To patch the vulnerability, customers must implement a kernel update and set a profile parameter," Onapsis said. "Adjustments in user roles and UCON settings might be required to not interrupt business processes." Rounding off the list, Intel and Google said they teamed up to examine the security of Intel Trust Domain Extensions (TDX) 1.5, uncovering five vulnerabilities in the module (CVE-2025-32007, CVE-2025-27940, CVE-2025-30513, CVE-2025-27572, and CVE-2025-32467), and nearly three dozen weaknesses, bugs, and improvement suggestions. "Intel TDX 1.5 introduces new features and functionality that bring confidential computing significantly closer to feature parity with traditional virtualization solutions," Google said. "At the same time, these features have increased the complexity of a highly privileged software component in the TCB [Trusted Computing Base]." Software Patches from Other Vendors Security updates have also been released by other vendors in recent weeks to rectify several vulnerabilities, including — ABB Amazon Web Services AMD AMI Apple ASUS AutomationDirect AVEVA Broadcom (including VMware) Canon Check Point Cisco Citrix Commvault ConnectWise D-Link Dassault Systèmes Dell Devolutions dormakaba Drupal F5 Fortinet Foxit Software FUJIFILM Fujitsu Gigabyte GitLab Google Android and Pixel Google Chrome Google Cloud Grafana Hikvision Hitachi Energy HP HP Enterprise (including Aruba Networking and Juniper Networks) IBM Intel Ivanti Lenovo Linux distributions AlmaLinux, Alpine Linux, Amazon Linux, Arch Linux, Debian, Gentoo, Oracle Linux, Mageia, Red Hat, Rocky Linux, SUSE, and Ubuntu MediaTek Mitsubishi Electric MongoDB Moxa Mozilla Firefox and Thunderbird n8n NVIDIA Phoenix Contact QNAP Qualcomm Ricoh Rockwell Automation Samsung Schneider Electric ServiceNow Siemens SolarWinds Splunk Spring Framework Supermicro Synology TP-Link WatchGuard Zoho ManageEngine Zoom, and Zyxel Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  adobe software, cybersecurity, enterprise security, Intel Security, Microsoft Windows, patch Tuesday, SAP Security, Vulnerability, zero-day Trending News TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks 54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits and 20 More Stories Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers and More FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks Load More ▼ Popular Resources SANS SEC401: Get Hands On Skills to Detect and Respond to Cyber Threats [Demo] Discover SaaS Risks and Monitor Every App in Your Environment Detect AI-Driven Threats Faster With Full Network Visibility [Guide] Learn How to Govern AI Agents With Proven Market Guidance