Log inCVE-2026-42898 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
13 Mei 2026 om 16:00
Updated the fixed version number. This is an informational change only.
Normale weergave
Vandaag ontvangen β 13 Mei 2026
β
Microsoft Security
-
Microsoft Security
- CVE-2026-42898 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
-
- CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
13 Mei 2026 om 16:00
Updated the fixed version number. This is an informational change only.
CVE-2026-44656 Vim: OS Command Injection via 'path' completion
13 Mei 2026 om 10:43
Information published.
CVE-2026-45130 Vim: Heap Buffer Overflow in spell file loading
13 Mei 2026 om 10:43
Information published.
CVE-2026-6666 PgBouncer crash in kill_pool_logins_server_error
13 Mei 2026 om 10:42
Information published.
CVE-2026-6667 PgBouncer missing authorization check in KILL_CLIENT admin command
13 Mei 2026 om 10:42
Information published.
CVE-2026-6665 PgBouncer buffer overflow in SCRAM
13 Mei 2026 om 10:42
Information published.
CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing
13 Mei 2026 om 10:42
Information published.
CVE-2026-35469 SpdyStream: DOS on CRI
13 Mei 2026 om 10:40
Information published.
CVE-2026-41636 Apache Thrift: Node.js skip() recursion
13 Mei 2026 om 10:40
Information published.
CVE-2026-41605 Apache Thrift: Swift Compact Protocol integer overflow
13 Mei 2026 om 10:40
Information published.
CVE-2026-41603 Apache Thrift: Java TSSLTransportFactory hostname verification
13 Mei 2026 om 10:40
Information published.
CVE-2026-41602 Apache Thrift: Go TFramedTransport uint32 overflow
13 Mei 2026 om 10:40
Information published.
-
- CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.
CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.
13 Mei 2026 om 10:39
Information published.
-
- CVE-2026-42151 Prometheus Azure AD remote write OAuth client secret exposed via config API
CVE-2026-42151 Prometheus Azure AD remote write OAuth client secret exposed via config API
13 Mei 2026 om 10:06
Information published.
-
- CVE-2026-42154 Prometheus: remote read endpoint allows denial of service via crafted snappy payload
CVE-2026-42154 Prometheus: remote read endpoint allows denial of service via crafted snappy payload
13 Mei 2026 om 10:05
Information published.
-
- CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash
CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash
13 Mei 2026 om 10:05
Information published.
CVE-2026-39817 Invoking "go tool pack" does not sanitize output paths in cmd/go
13 Mei 2026 om 10:05
Information published.
CVE-2026-33811 Crash when handling long CNAME response in net
13 Mei 2026 om 10:05
Information published.
-
- CVE-2026-8177 XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences
CVE-2026-8177 XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences
13 Mei 2026 om 10:05
Information published.
CVE-2026-42501 Malicious module proxy can bypass checksum database in cmd/go
13 Mei 2026 om 10:05
Information published.
-
- CVE-2026-39819 Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
CVE-2026-39819 Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
13 Mei 2026 om 10:05
Information published.
CVE-2026-39823 Bypass of meta content URL escaping causes XSS in html/template
13 Mei 2026 om 10:04
Information published.
CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail
13 Mei 2026 om 10:04
Information published.
CVE-2026-39826 Escaper bypass leads to XSS in html/template
13 Mei 2026 om 10:04
Information published.
-
- CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
13 Mei 2026 om 10:04
Information published.
CVE-2026-42499 Quadratic string concatenation in consumePhrase in net/mail
13 Mei 2026 om 10:04
Information published.
-
- CVE-2026-39836 Panic in Dial and LookupPort when handling NUL byte on Windows in net
CVE-2026-39836 Panic in Dial and LookupPort when handling NUL byte on Windows in net
13 Mei 2026 om 10:04
Information published.
CVE-2026-45186
13 Mei 2026 om 10:03
Information published.
-
- CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
13 Mei 2026 om 10:03
Information published.
