Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore

Alerts & Advisories

Provides alerts and advisories on emerging cyber threats, vulnerabilities, and preventive measures to help individuals and organisations stay secure online.

1171 articles

19 June 2026

Multiple Vulnerabilities in Cisco Identity Services Engine

Attackers can exploit multiple vulnerabilities in Cisco Identity Services Engine to execute arbitrary commands on the underlying operating system and disclose sensitive information. Patch immediately.

Alerts

19 June 2026

High-Severity Vulnerabilities in NGINX

Attackers can exploit high-severity vulnerabilities in NGINX to cause worker process crashes and, under certain conditions, achieve remote code execution. Patch immediately.

Alerts

18 June 2026

Multiple Vulnerabilities in Oracle Solaris

Attackers can exploit multiple vulnerabilities in Oracle Solaris to compromise affected systems, gain unauthorised access to critical data and cause denial of service. Patch immediately.

Alerts

17 June 2026

Critical Vulnerabilities in MariaDB Community Server

Attackers can exploit critical vulnerabilities in MariaDB Community Server to execute arbitrary shell commands on the affected system. Patch immediately.

Alerts

16 June 2026

Vulnerability in Cisco Catalyst SD-WAN Manager

Attackers are exploiting a vulnerability in Cisco Catalyst SD-WAN Manager to overwrite files on the underlying filesystem and escalate privileges to root. Patch immediately.

Alerts

16 June 2026

Multiple Vulnerabilities in GitLab Products

Attackers can exploit multiple high-severity vulnerabilities in GitLab to achieve account takeover, cause denial of service, add unauthorised email addresses and execute arbitrary client-side code. Patch immediately.

Alerts

12 June 2026

Critical Vulnerabilities in SAP NetWeaver and SAP Commerce Cloud

Attackers can exploit critical vulnerabilities in SAP NetWeaver and SAP Commerce Cloud to gain unauthorised access and compromise affected systems. Users and administrators are advised to patch immediately.

Alerts

12 June 2026

Critical Vulnerabilities in Ivanti Sentry

Attackers can exploit OS command injection (CVE-2026-10520) and authentication bypass (CVE-2026-10523) vulnerabilities in Ivanti Sentry to execute commands as root, create unauthorised administrative accounts, and gain full system administrative control without authentication. Patch immediately.

Alerts

12 June 2026

Critical Vulnerability in Fortinet FortiSandbox

Attackers can exploit a critical vulnerability in Fortinet FortiSandbox via HTTP requests to execute unauthorised commands on the affected system. Patch immediately.

Alerts

12 June 2026

Critical Vulnerability in Oracle PeopleSoft Enterprise PeopleTools

Oracle has released security updates to address a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools that could allow unauthenticated attackers to perform remote code execution and fully compromise the affected system. Patch immediately.

Alerts