SolarWinds released patches for three critical vulnerabilities in its Serv-U file transfer solution. One flaw allows attackers with admin privileges to execute arbitrary code, posing significant risks to affected systems. The vulnerabilities are listed in the CISA's Known Exploited Vulnerabilities catalog.

Two critical vulnerabilities in Cisco's Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) have been identified, allowing remote code execution without authentication. Cisco has released patches for these vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, and users are urged to apply them promptly.

AMD has announced vulnerabilities related to a new side-channel attack known as the Transient Scheduler Attack (TSA) affecting various AMD processors. Although rated low to medium in severity, cybersecurity firms have classified the overall threat as critical due to the potential for information leakage, particularly concerning OS kernel data. Users are advised to apply patches to mitigate risks, as the attacks require local access to execute successfully.