Cyber Alert Feed https://digital.nhs.uk/ en-gb enquiries@nhsdigital.nhs.uk (NHS Digital) enquiries@nhsdigital.nhs.uk (NHS Digital) CC-4776 - Active Exploitation of Local Privilege Escalation Vulnerability in the Linux Kernel Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>CVE-2026-31431 (dubbed "Copy Fail") affects all Linux kernel builds since 2017, and could allow a local, unprivileged attacker to escalate privileges to root.</p><p> CVE-2026-31431 (dubbed "Copy Fail") affects all Linux kernel builds since 2017, and could allow a local, unprivileged attacker to escalate privileges to root.</p><p> Updated: 05 May 2026</p> eef1c9ea-044f-438a-8188-52d330528051 Thu, 30 Apr 2026 15:32:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4776 CC-4775 - SonicWall Releases Security Updates for SonicOS Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>CVE-2026-0204 could allow an unauthenticated attacker to access certain management interface functions</p><p> CVE-2026-0204 could allow an unauthenticated attacker to access certain management interface functions</p><p> Updated: 30 Apr 2026</p> 9dd07394-e747-4a81-950a-3b1d1b6a1c53 Thu, 30 Apr 2026 12:15:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4775 CC-4774 - Critical Vulnerability in cPanel and Web Host Manager (WHM) High enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: High</p> <p>CVE-2026-41940 could allow unauthenticated remote attackers to gain unauthorised access to the affected cPanel management console</p><p> CVE-2026-41940 could allow unauthenticated remote attackers to gain unauthorised access on the affected cPanel management console</p><p> Updated: 30 Apr 2026</p> 45a6cfb8-45f7-4bd3-9529-b739a2cc6369 Thu, 30 Apr 2026 10:34:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4774 CC-4771 - Microsoft Releases April 2026 Security Updates Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>Scheduled updates for Microsoft products address 165 vulnerabilities, including CVE‑2026‑32201, an exploited spoofing vulnerability affecting SharePoint Server</p><p> Scheduled updates for Microsoft products address 165 vulnerabilities, including CVE‑2026‑32201, an exploited spoofing vulnerability affecting SharePoint Server</p><p> Updated: 24 Apr 2026</p> 1a57bc08-4592-4720-8500-e59cae44d044 Wed, 15 Apr 2026 14:48:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4771 CC-4773 - Oracle Releases April 2026 Critical Patch Update Advisory Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>Scheduled advisory includes 481&nbsp;security updates across multiple Oracle product families</p><p> Scheduled advisory includes 481 security updates across multiple Oracle product families</p><p> Updated: 22 Apr 2026</p> 0c425e17-13eb-4652-9e78-c07cc3df34f4 Wed, 22 Apr 2026 12:16:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4773 CC-4772 - Cisco Releases Security Advisories for Critical Vulnerabilities in Identity Services Engine Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>An authenticated attacker could exploit the vulnerabilities to achieve remote code execution</p><p> An authenticated attacker could exploit the vulnerabilities to achieve remote code execution</p><p> Updated: 16 Apr 2026</p> f477d07c-4a4b-4ec2-9c3c-741e09e1cfd5 Thu, 16 Apr 2026 13:03:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4772 CC-4770 - Axios Releases Security Update to Address Critical Vulnerability Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>CVE‑2026‑40175 could be used in an attack chain to allow for remote code execution or full cloud compromise</p><p> CVE‑2026‑40175 could be used in an attack chain to allow for remote code execution or full cloud compromise</p><p> Updated: 14 Apr 2026</p> 1e24f3b3-9e2f-415e-8b68-e3f62de3d961 Tue, 14 Apr 2026 10:47:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4770 CC-4769 - Adobe Releases Security Update to Address a Vulnerability in Acrobat and Reader Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>CVE‑2026‑34621 could allow arbitrary code execution via malicious PDF files opened in vulnerable Adobe Acrobat or Reader installations.</p><p> CVE‑2026‑34621 could allow arbitrary code execution via malicious PDF files opened in vulnerable Adobe Acrobat or Reader installations.</p><p> Updated: 13 Apr 2026</p> 00caa41c-19b6-486c-994b-687d9415e19a Mon, 13 Apr 2026 13:37:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4769 CC-4768 - Mitel Releases Security Advisory for MiCollab Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>A critical SQL injection vulnerability could allow a remote unauthenticated attacker to access system information and execute arbitrary SQL database commands</p><p> A critical SQL injection vulnerability could allow a remote unauthenticated attacker to access system information and execute arbitrary SQL database commands</p><p> Updated: 09 Apr 2026</p> 0860387a-08f8-48b5-a8ad-3faeeab62225 Thu, 09 Apr 2026 12:20:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4768 CC-4767 - Progress Releases Security Updates for ShareFile Storage Zones Controller (SZC) Medium enquiries@nhsdigital.nhs.uk (NHS Digital) <p>Severity: Medium</p> <p>Successful exploitation could allow an unauthenticated remote attacker to access on-prem storage zones controller’s configuration pages, potentially leading to changes in system configuration and remote code execution</p><p> Successful exploitation could allow an unauthenticated remote attacker to access on-prem storage zones controller’s configuration pages, potentially leading to changes in system configuration and remote code execution</p><p> Updated: 07 Apr 2026</p> e3d1a751-77e3-437b-8520-91eb55cd08db Tue, 07 Apr 2026 15:03:00 GMT https://digital.nhs.uk/cyber-alerts/2026/cc-4767