CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22701
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22701
CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28364
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28364
CVE-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
CVE-2025-14524 bearer token leak on cross-protocol redirect
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-14524
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-14524
CVE-2025-10966 missing SFTP host verification with wolfSSH
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10966
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10966
CVE-2026-27138 Panic in name constraint checking for malformed certificates in crypto/x509
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27138
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27138
CVE-2026-27137 Incorrect enforcement of email constraints in crypto/x509
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27137
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27137
CVE-2025-69644 An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless output until manually interrupted. This issue affects versions prior to the upstream fix and allows a local attacker to cause excessive resource consumption by supplying a malicious input file.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69644
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69644
CVE-2025-69651 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. Later, process_got_section_contents() may attempt to free an invalid r_symbol pointer, triggering memory corruption checks in glibc and causing the program to terminate with SIGABRT. No evidence of further memory corruption or code execution was observed; the impact is limited to denial of service.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69651
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69651
CVE-2025-69650 GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69650
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69650
CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-29786
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-29786
CVE-2024-14027 xattr: switch to CLASS(fd)
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-14027
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-14027
CVE-2026-27139 FileInfo can escape from a Root in os
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27139
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27139
CVE-2026-3713 pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3713
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3713
CVE-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
CVE-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23865
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23865
CVE-2026-27142 URLs in meta content attribute actions are not escaped in html/template
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27142
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27142
CVE-2025-69649 GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69649
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69649
CVE-2025-69645 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69645
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69645
CVE-2025-69652 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69652
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69652
CVE-2025-69646 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69646
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69646