Get Free Assessment

Security Advisories

Disclosures, vulnerability reports, and security guidance from the ISpectra security team.

Critical

High

Medium

Low

Critical ISPEC-ADV-2026-001

Critical SIEM agent authentication bypass vulnerability

Affects versions prior to 3.2.5. Requires immediate patching for all deployments.

SIEM April 15, 2026

Critical ISPEC-ADV-2026-002

Apache OpenSSL 1.1.1 End of Life Notice and upgrade guidance

OpenSSL 1.1.1 reached end of life September 11, 2023. Update to version 3.x immediately.

Infrastructure April 10, 2026

High ISPEC-ADV-2026-003

Log4Shell retrospective: Log4j 2.x security patches recommended

Ensure all Log4j deployments are on 2.17.0 or later. Patch within 30 days.

Application April 1, 2026

High ISPEC-ADV-2026-004

Cloud IAM misconfigurations: S3 bucket and RDS security controls

Review AWS IAM policies and ensure public access is properly restricted.

Cloud Security March 28, 2026

Medium ISPEC-ADV-2026-005

TLS 1.2 deprecation timeline and migration guidance

Prepare for TLS 1.3 enforcement. Plan upgrades over the next 18 months.

Network March 15, 2026

Low ISPEC-ADV-2026-006

Deprecated NPM package security notice

Several popular npm packages are deprecated. Review your dependencies and upgrade to maintained alternatives.

Development March 5, 2026

Responsible Disclosure

Found a Vulnerability?

Please report security vulnerabilities responsibly to our security team. We appreciate your help in keeping ISpectra and our customers secure.

security@ispectratechnologies.com

PGP Encryption

You can encrypt sensitive vulnerability reports using our public PGP key for maximum confidentiality.

Our Commitment

ISpectra follows responsible disclosure practices. We will acknowledge receipt of your report within 48 hours, investigate thoroughly, and keep you informed throughout the resolution process. We ask that you do not publicly disclose the vulnerability until we have released a patch.