MSRC Reports – Telegram

MSRC Reports

61 subscribers

3.01K links

Microsoft Security Response Center Reports
(Unofficial).

Reports usually come in bursts, because that's just how Microsoft releases them.

Download Telegram

About

Blog

Apps

Platform

CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23942

10 views07:09

CVE-2026-32777

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32777

9 views07:09

CVE-2026-32778

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32778

8 views07:09

CVE-2026-32776

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32776

8 views07:09

CVE-2026-32249 NFA regex engine NULL pointer dereference affects Vim < 9.2.0137

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32249

9 views07:09

CVE-2025-69648

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69648

10 views07:09

CVE-2025-69647

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69647

11 views07:09

CVE-2026-23943 Pre-auth SSH DoS via unbounded zlib inflate

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23943

12 views07:09

CVE-2026-23941 Request smuggling via first-wins Content-Length parsing in inets httpd

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23941

12 views07:09

CVE-2026-32775

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32775

15 views07:09

CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23069

14 views08:09

CVE-2026-1703 Limited path traversal when installing wheel archives

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-1703

14 views08:09

CVE-2026-23066 rxrpc: Fix recvmsg() unconditional requeue

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23066

14 views08:09

CVE-2025-71239 audit: add fchmodat2() to change attributes class

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71239

12 views07:09

CVE-2026-23241 audit: add missing syscalls to read class

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23241

12 views07:09

CVE-2026-27459 pyOpenSSL DTLS cookie callback buffer overflow

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27459

6 views07:09

CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27448

6 views07:09

CVE-2025-71265 fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71265

5 views07:09

CVE-2026-23247 tcp: secure_seq: add back ports to TS offset

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23247

5 views07:09

CVE-2026-23246 wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23246

4 views07:09

CVE-2026-23248 perf/core: Fix refcount bug and potential UAF in perf_mmap

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23248

4 views07:09