Skip to content
.ca
sign in
3 minhigh

Cyber Centre Daily Advisory Digest — 2026-03-25 (6 advisories)

The Canadian Centre for Cyber Security released a daily digest of six security advisories on March 25, 2026. The advisories highlight vulnerabilities across various enterprise products including GitLab, Node.js, n8n, Hitachi, ISC BIND, and Cisco, urging administrators to apply necessary updates and mitigations.

Conf:highAnalyzed:2026-03-25reports

Authors: Canadian Centre for Cyber Security

VulnerabilityPatch ManagementAdvisory DigestCVE

Source:Canadian Centre for Cyber Security

Key Takeaways

  • The Canadian Centre for Cyber Security released 6 security advisories on March 25, 2026.
  • Critical updates are required for GitLab, Node.js, n8n, Hitachi, ISC BIND, and Cisco products.
  • ISC BIND vulnerabilities include denial of service and ACL bypass flaws (CVE-2026-1519, CVE-2026-3104, CVE-2026-3119, CVE-2026-3591).
  • Hitachi advisories address Open Redirect and other vulnerabilities (CVE-2026-1166, CVE-2026-2072).

Affected Systems

  • GitLab Community Edition (CE) and Enterprise Edition (EE) prior to 18.10.1, 18.9.3, 18.8.7
  • Node.js 20, 22, 24, and 25
  • n8n (Merge Node, Community Edition, Binary Data Inline HTML Rendering, GSuiteAdmin Node, Form Trigger/Chat Trigger Nodes)
  • Hitachi Ops Center Administrator, Infrastructure Analytics Advisor, and Ops Center Analyzer (Linux)
  • ISC BIND 9 and BIND Supported Preview Edition
  • Cisco Catalyst Switches (9300, 9200, 9000, ESS9300, IE9310, IE9320, IE3500, IE3505, CW9800 series)
  • Cisco IOS and IOS XE Software
  • Cisco Secure Firewall ASA and FTD Software
  • Cisco Meraki MS390 and Catalyst SD-WAN Manager

Vulnerabilities (CVEs)

  • CVE-2026-1166
  • CVE-2026-2072
  • CVE-2026-1519
  • CVE-2026-3104
  • CVE-2026-3119
  • CVE-2026-3591

Attack Chain

The provided text is a compilation of security advisories and does not detail a specific attack chain. It lists vulnerabilities in various software products that could potentially be exploited if left unpatched, such as open redirects in Hitachi products and ACL bypasses or denial of service conditions in ISC BIND.

Detection Availability

  • YARA Rules: No
  • Sigma Rules: No
  • Snort/Suricata Rules: No
  • KQL Queries: No
  • Splunk SPL Queries: No
  • EQL Queries: No
  • Other Detection Logic: No

No specific detection rules or queries are provided in the advisory digest.

Detection Engineering Assessment

EDR Visibility: None — The article is a patch advisory digest and does not contain behavioral indicators or malware execution details. Network Visibility: Low — While some vulnerabilities (like BIND DNS flaws) occur over the network, no specific network signatures or traffic patterns are provided in the text. Detection Difficulty: Hard — Detecting exploitation of these vulnerabilities requires specific signatures for each CVE, which are not provided in the summary text.

Required Log Sources

  • Vulnerability Management Scans
  • Asset Inventory

Hunting Hypotheses

HypothesisTelemetryATT&CK StageFP Risk
Threat actors may attempt to exploit the newly disclosed ISC BIND vulnerabilities to cause denial of service or bypass ACLs.DNS server logs, network traffic analysisInitial AccessLow

Control Gaps

  • Patch Management

False Positive Assessment

  • Low

Recommendations

Immediate Mitigation

  • Review the provided advisory links for GitLab, Node.js, n8n, Hitachi, ISC BIND, and Cisco.
  • Apply the necessary security updates to affected products immediately.

Infrastructure Hardening

  • Ensure vulnerability management programs are tracking the newly announced CVEs.
  • Implement network segmentation to limit the blast radius of potentially vulnerable appliances like Cisco switches and BIND servers.

User Protection

  • N/A

Security Awareness

  • Inform IT and security operations teams of the new advisories to prioritize patching efforts.

MITRE ATT&CK Mapping

  • T1190 - Exploit Public-Facing Application

Related