Ivanti Endpoint Manager Vulnerabilities

Microsoft Patch Tuesday
Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws.
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550
Adobe Patches
Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon.
https://helpx.adobe.com/security.html
Ivanti Endpoint Manager Patches
Ivanti patched four vulnerabilities in End Point Manager.
https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024?language=en_US
Fortinet FortiCloud SSO Vulnerability
Due to a cryptographic vulnerability, Forinet s FortiCloud SSO authentication is bypassable.
https://fortiguard.fortinet.com/psirt/FG-IR-25-647
ruby-saml vulnerability
Ruby fixed a vulnerability in ruby-saml. The issue is due to an incomplete patch for another vulnerability a few months ago.
https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-9v8j-x534-2fx3