Log inCVE-2026-32161 Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability
15 Mei 2026 om 16:00
Updated Hotpatch links. This is in informational change only.
Normale weergave
Ontvangen β 15 Mei 2026
β
Microsoft Security
-
Microsoft Security
- CVE-2026-32161 Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability
CVE-2026-32170 Windows Rich Text Edit Elevation of Privilege Vulnerability
15 Mei 2026 om 16:00
Updated Hotpatch links. This is in informational change only.
CVE-2026-21530 Windows Rich Text Edit Elevation of Privilege Vulnerability
15 Mei 2026 om 16:00
Updated Hotpatch links. This is in informational change only.
CVE-2026-40379 Azure Entra ID Spoofing Vulnerability
15 Mei 2026 om 16:00
Corrected CVE title. This is an informational change only.
-
- CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
15 Mei 2026 om 10:42
Information published.
-
- CVE-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)
CVE-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)
15 Mei 2026 om 10:38
Information published.
-
- CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1
CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1
15 Mei 2026 om 10:02
Information published.
-
- CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS
CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS
15 Mei 2026 om 10:02
Information published.
-
- CVE-2026-43969 Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1
CVE-2026-43969 Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1
15 Mei 2026 om 10:02
Information published.
-
- CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection
CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection
15 Mei 2026 om 10:02
Information published.
-
- CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command
CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command
15 Mei 2026 om 10:02
Information published.
-
- CVE-2026-42011 Gnutls: gnutls: security bypass due to incorrect name constraint handling
CVE-2026-42011 Gnutls: gnutls: security bypass due to incorrect name constraint handling
15 Mei 2026 om 10:02
Information published.
-
- CVE-2026-42010 Gnutls: gnutls: authentication bypass via nul character in username
CVE-2026-42010 Gnutls: gnutls: authentication bypass via nul character in username
15 Mei 2026 om 10:02
Information published.
CVE-2026-4890 CVE-2026-4890
15 Mei 2026 om 10:02
Information published.
CVE-2026-4892 CVE-2026-4892
15 Mei 2026 om 10:01
Information published.
CVE-2026-5172 CVE-2026-5172
15 Mei 2026 om 10:01
Information published.
CVE-2026-2291 CVE-2026-2291
15 Mei 2026 om 10:01
Information published.
CVE-2026-4893 CVE-2026-4893
15 Mei 2026 om 10:01
Information published.
CVE-2026-4891 CVE-2026-4891
15 Mei 2026 om 10:01
Information published.
CVE-2026-8295 Integer overflow in simdjson
15 Mei 2026 om 10:01
Information published.
-
- CVE-2026-42304 Twisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains
CVE-2026-42304 Twisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains
15 Mei 2026 om 10:01
Information published.
Ontvangen β 14 Mei 2026
β
Microsoft Security
CVE-2026-32177 .NET Elevation of Privilege Vulnerability
14 Mei 2026 om 16:00
New .NET Framework Packages have been added
CVE-2026-35433 .NET Elevation of Privilege Vulnerability
14 Mei 2026 om 16:00
New .NET Framework Packages have been added
CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability
14 Mei 2026 om 16:00
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-41615 Microsoft Authenticator Information Disclosure Vulnerability
14 Mei 2026 om 16:00
Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve
14 Mei 2026 om 10:42
Information published.
Ontvangen β 13 Mei 2026
β
Microsoft Security
-
- CVE-2026-42898 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2026-42898 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
13 Mei 2026 om 16:00
Updated the fixed version number. This is an informational change only.
-
- CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
13 Mei 2026 om 16:00
Updated the fixed version number. This is an informational change only.
CVE-2026-44656 Vim: OS Command Injection via 'path' completion
13 Mei 2026 om 10:43
Information published.
CVE-2026-45130 Vim: Heap Buffer Overflow in spell file loading
13 Mei 2026 om 10:43
Information published.
