🚨 CVE-2026-6238
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory.
These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.
🎖@cveNotify
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory.
These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.
🎖@cveNotify
🚨 CVE-2026-42824
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.
🎖@cveNotify
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.
🎖@cveNotify
🚨 CVE-2026-42915
Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally.
🎖@cveNotify
Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally.
🎖@cveNotify
🚨 CVE-2026-44803
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44812
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44817
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44818
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44819
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44820
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44821
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
🎖@cveNotify
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
🎖@cveNotify
🚨 CVE-2026-44822
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
🎖@cveNotify
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
🎖@cveNotify
🚨 CVE-2026-44823
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-44824
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-45455
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
🎖@cveNotify
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
🎖@cveNotify
🚨 CVE-2026-45456
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-45457
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-45458
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-45459
Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
🎖@cveNotify
Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
🎖@cveNotify
🚨 CVE-2026-45460
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
🎖@cveNotify
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
🎖@cveNotify
🚨 CVE-2026-45461
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
🎖@cveNotify
🚨 CVE-2026-45466
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
🎖@cveNotify
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
🎖@cveNotify