MSRC Reports
@msrcreports
61 subscribers
2.97K links
Microsoft Security Response Center Reports
(Unofficial).

Reports usually come in bursts, because that's just how Microsoft releases them.
Download Telegram
About
Blog
Apps
Platform
Join
MSRC Reports
61 subscribers
MSRC Reports
CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

Changes made to the security updates links and information. This is an informational change only.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21257
11 views
MSRC Reports
CVE-2026-25172 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

The hotpatch has been re‑released to ensure comprehensive coverage across all affected scenarios. Customers are advised to apply the updated release to ensure full protection.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25172
12 views
MSRC Reports
CVE-2026-25173 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

The hotpatch has been re‑released to ensure comprehensive coverage across all affected scenarios. Customers are advised to apply the updated release to ensure full protection.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25173
10 views
MSRC Reports
CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

The hotpatch has been re‑released to ensure comprehensive coverage across all affected scenarios. Customers are advised to apply the updated release to ensure full protection.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26111
12 views
MSRC Reports
Chromium: CVE-2026-3930 Unsafe navigation in Navigation

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3930
10 views
MSRC Reports
CVE-2026-0385 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0385
7 views
MSRC Reports
Chromium: CVE-2026-3913 Heap buffer overflow in WebML

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3913
7 views
MSRC Reports
Chromium: CVE-2026-3914 Integer overflow in WebML

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3914
6 views
MSRC Reports
Chromium: CVE-2026-3916 Out of bounds read in Web Speech

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3916
7 views
MSRC Reports
Chromium: CVE-2026-3917 Use after free in Agents

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3917
6 views
MSRC Reports
Chromium: CVE-2026-3918 Use after free in WebMCP

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3918
6 views
MSRC Reports
Chromium: CVE-2026-3919 Use after free in Extensions

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3919
6 views
MSRC Reports
Chromium: CVE-2026-3920 Out of bounds memory access in WebML

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3920
5 views
MSRC Reports
Chromium: CVE-2026-3921 Use after free in TextEncoding

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3921
6 views
MSRC Reports
Chromium: CVE-2026-3922 Use after free in MediaStream

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3922
6 views
MSRC Reports
Chromium: CVE-2026-3923 Use after free in WebMIDI

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3923
6 views
MSRC Reports
Chromium: CVE-2026-3924 Use after free in WindowDialog

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3924
6 views
MSRC Reports
Chromium: CVE-2026-3926 Out of bounds read in V8

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3926
5 views
MSRC Reports
Chromium: CVE-2026-3927 Incorrect security UI in PictureInPicture

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3927
6 views
MSRC Reports
Chromium: CVE-2026-3928 Insufficient policy enforcement in Extensions

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3928
6 views
MSRC Reports
Chromium: CVE-2026-3929 Side-channel information leakage in ResourceTiming

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3929
5 views