Atlassian, GitLab, and Zoom released security updates this week addressing more than two dozen vulnerabilities across multiple products. Administrators are urged to apply these patches promptly to remediate critical and high-severity flaws, including CVE-2026-22844 and several third-party dependency issues. #Atlassian #Zoom
Keypoints
- Atlassian issued 32 security patches for Bamboo, Bitbucket, Confluence, Crowd, and Jira, many tied to third-party dependencies.
- Two critical Atlassian CVEs, CVE-2025-12383 and CVE-2025-66516, impact Eclipse Jersey and Apache Tika respectively.
- CVE-2026-21569 is an XXE flaw in Crowd Data Center and Server that can expose content to authenticated attackers.
- GitLab released CE/EE updates (18.8.2, 18.7.2, 18.6.4) fixing five vulnerabilities, including high-severity issues enabling DoS or 2FA bypasses.
- Zoom patched a critical command injection in Node MMRs (CVE-2026-22844, CVSS 9.9) that could allow remote code execution and provided updated MMR module versions.
Read More: https://www.securityweek.com/atlassian-gitlab-zoom-release-security-patches/