MSRC Reports – Telegram

MSRC Reports

61 subscribers

2.97K links

Microsoft Security Response Center Reports
(Unofficial).

Reports usually come in bursts, because that's just how Microsoft releases them.

Download Telegram

About

Blog

Apps

Platform

CVE-2026-22998 nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22998

11 views10:09

CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22997

10 views10:09

CVE-2026-22996 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22996

10 views10:10

CVE-2026-28420 Vim has Heap-based Buffer Overflow and OOB Read in :terminal

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28420

10 views08:09

CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27969

11 views08:09

CVE-2026-28422 Vim has stack-buffer-overflow in build_stl_str_hl()

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28422

12 views08:09

CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28419

12 views08:09

CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28418

14 views08:09

CVE-2026-28421 Vim has a heap-buffer-overflow and a segmentation fault

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28421

14 views08:09

CVE-2026-28417 Vim has OS Command Injection in netrw

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28417

15 views08:09

CVE-2023-45231 Out-of-Bounds Read in EDK II Network Package

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-45231

13 views09:09

CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-45229

14 views09:09

CVE-2024-38796 Integer overflow in PeCoffLoaderRelocateImage

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38796

14 views09:09

CVE-2022-4304 Timing Oracle in RSA Decryption

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4304

12 views09:09

CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68817

10 views09:09

CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71089

9 views09:09

CVE-2025-15079 libssh global known_hosts override

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15079

9 views09:09

CVE-2025-15224 libssh key passphrase bypass without agent set

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15224

8 views09:09

CVE-2025-11563 wcurl path traversal with percent-encoded slashes

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11563

8 views09:09

CVE-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61145

9 views09:09

CVE-2026-21620 TFTP Path Traversal

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21620

9 views09:09