CVE-2026-43490 ksmbd: validate inherited ACE SID length

Microsoft Security

16 Mei 2026 om 10:05

Information published.

CVE-2026-46333 ptrace: slightly saner 'get_dumpable()' logic

Microsoft Security

16 Mei 2026 om 10:05

Information published.

CVE-2026-44662 rust-openssl: Heap buffer overflow when encrypting with AES key-wrap-with-padding

Microsoft Security

16 Mei 2026 om 10:05

Information published.

CVE-2026-44431 urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

Microsoft Security

16 Mei 2026 om 10:05

Information published.

CVE-2026-42946 NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability

Microsoft Security

16 Mei 2026 om 10:05

Information published.

CVE-2026-42945 NGINX ngx_http_rewrite_module vulnerability

Microsoft Security

16 Mei 2026 om 10:05

Information published.

CVE-2026-42934 NGINX ngx_http_charset_module vulnerability

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-40701 NGINX ngx_http_ssl_module vulnerability

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-40460 NGINX ngx_quic_module vulnerability

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6479 PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6637 PostgreSQL refint allows stack buffer overflow and SQL injection

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6472 PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6474 PostgreSQL timeofday() can disclose portions of server memory

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6475 PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6473 PostgreSQL server undersizes allocations, via integer wraparound

Microsoft Security

16 Mei 2026 om 10:04

Information published.

CVE-2026-6478 PostgreSQL discloses MD5-hashed passwords via covert timing channel

Microsoft Security

16 Mei 2026 om 10:03

Information published.

CVE-2026-44673 libyang: lyb_read_string() integer overflow → heap buffer overflow

Microsoft Security

16 Mei 2026 om 10:03

Information published.

CVE-2026-32161 Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability

Microsoft Security

15 Mei 2026 om 16:00

Updated Hotpatch links. This is in informational change only.

CVE-2026-32170 Windows Rich Text Edit Elevation of Privilege Vulnerability

Microsoft Security

15 Mei 2026 om 16:00

Updated Hotpatch links. This is in informational change only.

CVE-2026-21530 Windows Rich Text Edit Elevation of Privilege Vulnerability

Microsoft Security

15 Mei 2026 om 16:00

Updated Hotpatch links. This is in informational change only.

CVE-2026-40379 Azure Entra ID Spoofing Vulnerability

Microsoft Security

15 Mei 2026 om 16:00

Corrected CVE title. This is an informational change only.

CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

Microsoft Security

15 Mei 2026 om 10:42

Information published.

CVE-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)

Microsoft Security

15 Mei 2026 om 10:38

Information published.

CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1

Microsoft Security

15 Mei 2026 om 10:02

Information published.

CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS

Microsoft Security

15 Mei 2026 om 10:02

Information published.

CVE-2026-43969 Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1

Microsoft Security

15 Mei 2026 om 10:02

Information published.

CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection

Microsoft Security

15 Mei 2026 om 10:02

Information published.

CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command

Microsoft Security

15 Mei 2026 om 10:02

Information published.

Lees weergave