CVE-2026-28420 Vim has Heap-based Buffer Overflow and OOB Read in :terminal
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28420
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28420
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27969
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27969
CVE-2026-28422 Vim has stack-buffer-overflow in build_stl_str_hl()
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28422
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28422
CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28419
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28419
CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28418
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28418
CVE-2026-28421 Vim has a heap-buffer-overflow and a segmentation fault
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28421
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28421
CVE-2026-28417 Vim has OS Command Injection in netrw
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28417
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28417
CVE-2023-45231 Out-of-Bounds Read in EDK II Network Package
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-45231
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-45231
CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-45229
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-45229
CVE-2024-38796 Integer overflow in PeCoffLoaderRelocateImage
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38796
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38796
CVE-2022-4304 Timing Oracle in RSA Decryption
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4304
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4304
CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68817
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68817
CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71089
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71089
CVE-2025-15079 libssh global known_hosts override
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15079
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15079
CVE-2025-15224 libssh key passphrase bypass without agent set
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15224
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-15224
CVE-2025-11563 wcurl path traversal with percent-encoded slashes
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11563
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11563
CVE-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61145
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-61145
CVE-2026-21620 TFTP Path Traversal
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21620
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21620
CVE-2026-1979 mruby JMPNOT-to-JMPIF Optimization vm.c mrb_vm_exec use after free
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-1979
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-1979
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62878
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62878
CVE-2026-27199 Werkzeug safe_join() allows Windows special device names
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27199
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27199