The Canadian Centre for Cyber Security issued advisories regarding a critical RCE vulnerability in PTC Windchill and FlexPLM, and an actively exploited critical vulnerability (CVE-2026-33634) that temporarily compromised the Aqua Security Trivy ecosystem supply chain.