Log inCVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
26 Mei 2026 om 16:00
CWE added. Informational change only.
Normale weergave
Ontvangen β 26 Mei 2026
β
Microsoft Security
-
Microsoft Security
- CVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability
26 Mei 2026 om 16:00
CWE added. Informational change only.
CVE-2026-41091 Microsoft Defender Elevation of Privilege Vulnerability
26 Mei 2026 om 16:00
In the Security Updates table, added links to the Release Notes. This is an informational change only.
CVE-2026-45584 Microsoft Defender Remote Code Execution Vulnerability
26 Mei 2026 om 16:00
In the Security Updates table, added links to the Release Notes. This is an informational change only.
CVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF
26 Mei 2026 om 10:41
Information published.
-
- CVE-2025-1176 GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow
CVE-2025-1176 GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow
26 Mei 2026 om 10:39
Information published.
CVE-2025-1178 GNU Binutils ld libbfd.c bfd_putl64 memory corruption
26 Mei 2026 om 10:39
Information published.
CVE-2025-3198 GNU Binutils objdump bucomm.c display_info memory leak
26 Mei 2026 om 10:38
Information published.
-
- CVE-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks
CVE-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks
26 Mei 2026 om 10:38
Information published.
-
- CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1
CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1
26 Mei 2026 om 10:38
Information published.
-
- CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS
CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS
26 Mei 2026 om 10:38
Information published.
-
- CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
26 Mei 2026 om 10:38
Information published.
Ontvangen β 25 Mei 2026
β
Microsoft Security
CVE-2026-43029 mptcp: fix soft lockup in mptcp_recvmsg()
25 Mei 2026 om 10:01
Information published.
CVE-2026-43414 scsi: qla2xxx: Completely fix fcport double free
25 Mei 2026 om 10:01
Information published.
Ontvangen β 24 Mei 2026
β
Microsoft Security
-
- CVE-2026-41054 Missing exit out of permission check in haveged could lead to root exploit
CVE-2026-41054 Missing exit out of permission check in haveged could lead to root exploit
24 Mei 2026 om 10:42
Information published.
Ontvangen β 23 Mei 2026
β
Microsoft Security
-
- CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"
CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"
23 Mei 2026 om 10:44
Information published.
CVE-2025-68768 inet: frags: flush pending skbs in fqdir_pre_exit()
23 Mei 2026 om 10:42
Information published.
-
- CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
23 Mei 2026 om 10:40
Information published.
CVE-2025-38096 wifi: iwlwifi: don't warn when if there is a FW error
23 Mei 2026 om 10:40
Information published.
CVE-2025-38140 dm: limit swapping tables for devices with zone write plugs
23 Mei 2026 om 10:40
Information published.
-
- CVE-2026-41035 In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.
CVE-2026-41035 In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.
23 Mei 2026 om 10:39
Information published.
CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
23 Mei 2026 om 10:44
Information published.
-
- CVE-2026-44673 libyang: lyb_read_string() integer overflow β heap buffer overflow
CVE-2026-44673 libyang: lyb_read_string() integer overflow β heap buffer overflow
23 Mei 2026 om 10:44
Information published.
-
- CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service
CVE-2026-44390 Unbounded name compression in certain cases causes degradation of service
23 Mei 2026 om 10:40
Information published.
CVE-2026-42944 Heap overflow with multiple NSID, COOKIE, PADDING EDNS options
23 Mei 2026 om 10:40
Information published.
CVE-2026-42923 Degradation of service with unbounded NSEC3 hash calculations
23 Mei 2026 om 10:40
Information published.
CVE-2026-40622 Another 'ghost domain names' attack variant
23 Mei 2026 om 10:40
Information published.
CVE-2026-42534 Jostle logic bypass degrades resolution performance
23 Mei 2026 om 10:40
Information published.
CVE-2026-41292 Long list of incoming EDNS options degrades performance
23 Mei 2026 om 10:39
Information published.
CVE-2026-33278 Possible arbitrary code execution during DNSSEC validation
23 Mei 2026 om 10:39
Information published.
