Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9748021 by security tracker role at 2026-07-15T07:14:20+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
CVE-2026-9770 (Kasa EC71 v4 and EC70 v4 firmware contains a static
cryptographic priv ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-9653 (A denial-of-service security issue exists across all the
1756-EN2, EN3 ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-9636 (A security issue exists within CompactLogix\xae 5380,
ControlLogix\xae ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-9561 (Eclipse Kura versions prior to 5.6.2 trust the client-supplied
X-Forwa ...)
TODO: check
CVE-2026-9341 (The Academy LMS \u2013 WordPress LMS Plugin for Complete
eLearning Sol ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-9292 (A Stored Cross-Site Scripting security issue exists within
FactoryTalk ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-9140 (A denial-of-service security issue exists in the1719-AENTR. The
securi ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-9128 (A code execution security issue exists withinStudio 5000 Logix
Designe ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-9127 (A remote code execution security issue exists withinStudio 5000
Logix ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-9108 (A path traversal security issue exists withinStudio 5000 Logix
Designe ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-8920 (Improper Restriction of Communication Channel to Intended
Endpoints an ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-8919 (Permissive Cross-domain Security Policy with Untrusted Domains
in ASUS ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-8590 (Vulnerability in Spotfire Spotfire Enterprise (Spotfire Server
modules ...)
TODO: check
CVE-2026-8384 (In Eclipse Jetty, an HTTP URI of this form:
/public;/../admin/sec ...)
TODO: check
CVE-2026-8314 (A security issue exists within Arena\xae Simulation due to a
memory co ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-8313 (A security issue exists within Arena\xae Simulation due to a
memory co ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-8312 (A security issue exists within Arena\xae Simulation due to a
memory co ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-8085 (A security issue exists within Arena\xae Simulation due to a
memory co ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-7494 (Nexus Repository 3 is vulnerable to Server-Side Request Forgery
(SSRF) ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2026-6851 (An Improper link resolution before file access ('link
following') vuln ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2026-6790 (In Eclipse Jetty, for HTTP/1, HTTP/2 and HTTP/3 requests, there
is no ...)
TODO: check
CVE-2026-62659 (A security flaw was discovered in the NETGEAR WAX333 Access
Point that ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2026-62658 (A security flaw was discovered in certain NETGEAR Nighthawk
RAX series ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2026-62657 (A security flaw in the router's certificate validation process
was dis ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2026-62656 (A security flaw was found in certain NETGEAR RAX models that
could all ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2026-62655 (A security flaw was found in certain NETGEAR Orbi models that
could al ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2026-62422 (In JetBrains YouTrack before 2026.1.13757, 2025.3.148033,
2025.2.14804 ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2026-61520 (Simple Machines Forum 2.1 prior to commit 4bf35cf and 3.0
prior to com ...)
TODO: check
CVE-2026-60119 (Hi.Events before 1.11.0 contains a cross-site scripting
vulnerability ...)
@@ -65,7 +65,7 @@ CVE-2026-5270 (An authentication bypass vulnerability exists
in certain releases
CVE-2026-5269 (In Ciena's Navigator Network Control Suite (NCS) and Manage
Control Pl ...)
TODO: check
CVE-2026-5040 (TP-Link Deco M5 v1 uses a weak password hashing mechanism to
store use ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-59891 (sigstore-js provides JavaScript libraries for interacting with
Sigstor ...)
TODO: check
CVE-2026-59889 (jackson-databind contains the general-purpose data-binding
functionali ...)
@@ -79,17 +79,17 @@ CVE-2026-59885 (pyasn1 is a generic ASN.1 library for
Python. Prior to 0.6.4, th
CVE-2026-59884 (pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4,
the BER ...)
TODO: check
CVE-2026-59841 (A improper restriction of communication channel to intended
endpoints ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-59840 (A buffer over-read vulnerability in Fortinet FortiOS 7.6.0
through 7.6 ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-59839 (A improper limitation of a pathname to a restricted directory
('path t ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-59837 (A stack-based buffer overflow vulnerability in Fortinet
FortiOS 7.4.0 ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-59836 (A improper certificate validation vulnerability in Fortinet
FortiClien ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-59835 (A exposure of resource to wrong sphere vulnerability in
Fortinet Forti ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-59733 (Rclone is a command-line program to sync files and directories
to and ...)
TODO: check
CVE-2026-59732 (Rclone is a command-line program to sync files and directories
to and ...)
@@ -117,103 +117,103 @@ CVE-2026-59084 (Insufficient Technical Documentation
vulnerability in Apache Tom
CVE-2026-59083 (Improper Handling of URL Encoding (Hex Encoding) vulnerability
in Apac ...)
TODO: check
CVE-2026-58647 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58644 (Deserialization of untrusted data in Microsoft Office
SharePoint allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58640 (Heap-based buffer overflow in Windows NTFS allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58638 (Missing cryptographic step in Windows Boot Loader allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58637 (Use after free in Windows Client-Side Caching (CSC) Service
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58636 (Improper link resolution before file access ('link following')
in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58635 (Improper neutralization of special elements used in a command
('comman ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58634 (Use after free in Desktop Window Manager allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58633 (Use after free in Desktop Window Manager allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58632 (Use after free in Windows Win32K allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58631 (Improper authorization in Windows Admin Center allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58629 (Use after free in Windows DirectX allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58628 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58627 (Uncontrolled resource consumption in Windows DHCP Server
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58626 (Use after free in Windows Remote Desktop Services allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58619 (Use after free in Windows Sensor Data Service allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58618 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58617 (Improper access control in Microsoft 365 Copilot for iOS
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58614 (Out-of-bounds read in Windows Kernel allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58613 (Use after free in Windows Cloud Files Mini Filter Driver
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58610 (Heap-based buffer overflow in Microsoft Windows Media
Foundation allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58609 (Out-of-bounds read in Microsoft Graphics Component allows an
unauthori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58608 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58602 (Use after free in Windows Kernel Mode Driver allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58601 (Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport
Driver ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58595 (Improper restriction of rendered ui layers or frames in
Microsoft Bing ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58594 (Integer overflow or wraparound in Windows RDP allows an
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58547 (Heap-based buffer overflow in Universal Plug and Play
(upnp.dll) allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58546 (Use of uninitialized resource in Windows RDP allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58545 (Improper access control in Windows Kernel allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58544 (Use after free in Windows Management Services allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58543 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58542 (Heap-based buffer overflow in Windows Media allows an
unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58541 (Access of resource using incompatible type ('type confusion')
in Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58540 (Improper authorization in Windows Installer allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58539 (Out-of-bounds read in Windows RDP allows an unauthorized
attacker to d ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58538 (Heap-based buffer overflow in Windows Bluetooth Service allows
an auth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58537 (Use after free in Microsoft NAT Helper Components
(ipnathlp.dll) allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58536 (Use after free in Windows Cloud Files Mini Filter Driver
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58535 (Use of uninitialized resource in Windows RDP allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58534 (Heap-based buffer overflow in Microsoft Input Method Editor
(IME) allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58533 (Use of uninitialized resource in Windows RDP allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58532 (Integer overflow or wraparound in Windows Kernel allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58531 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58530 (Heap-based buffer overflow in Windows Resilient File System
(ReFS) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58529 (Out-of-bounds read in Active Directory Federation Services (AD
FS) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58528 (Out-of-bounds read in Windows USB Audio Class driver
(usbaudio.sys) al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58527 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58526 (Use after free in Windows Storage allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58479 (Sustainable Irrigation Platform (SIP) through version 5.2.16
contains ...)
TODO: check
CVE-2026-58478 (Sustainable Irrigation Platform (SIP) through version 5.2.16
contains ...)
@@ -227,395 +227,395 @@ CVE-2026-58475 (Sustainable Irrigation Platform (SIP)
through version 5.2.16 con
CVE-2026-58461
REJECTED
CVE-2026-58279 (Missing authorization in Azure CycleCloud allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58277 (Improper authorization in Microsoft Office SharePoint allows
an author ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-58229 (Allocation of resources without limits vulnerability in
elixir-mint mi ...)
TODO: check
CVE-2026-57982 (Use of uninitialized resource in Windows RDP allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57979 (Out-of-bounds read in Windows RDP allows an unauthorized
attacker to d ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57976 (Null pointer dereference in Active Directory Domain Services
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57973 (Time-of-check time-of-use (toctou) race condition in Windows
Subsystem ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57969 (Missing authentication for critical function in Azure
CycleCloud allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57968 (Buffer over-read in Windows Subsystem for Linux allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57898 (In Eclipse BaSyx Java Server SDK versions 2.0.0-milestone-05
to 2.0.0- ...)
TODO: check
CVE-2026-57108 (Access of resource using incompatible type ('type confusion')
in .NET ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57107 (Improper authentication in Windows Admin Center allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57102 (Inclusion of functionality from untrusted control sphere in
Visual Stu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57101 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57097 (Untrusted search path in Microsoft XML allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57096 (Heap-based buffer overflow in Windows Routing and Remote
Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57095 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57094 (Heap-based buffer overflow in Microsoft Windows Media
Foundation allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57093 (Use after free in Windows Ancillary Function Driver for
WinSock allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57092 (Use after free in Windows VMSwitch allows an authorized
attacker to el ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57091 (Stack-based buffer overflow in Windows File History Service
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57090 (Heap-based buffer overflow in Microsoft Windows Media
Foundation allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57089 (Use after free in Windows SMB Server Network Transport Driver
(srvnet. ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57088 (Improper access control in Extensible Storage Engine (ESENT)
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57087 (Heap-based buffer overflow in Microsoft Windows Media
Foundation allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57085 (Out-of-bounds read in Windows Print Spooler Components allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57084 (Use of uninitialized resource in Windows File Explorer allows
an unaut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-57083 (Use of uninitialized resource in Microsoft Windows Codecs
Library allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56650 (Heap-based buffer overflow in Windows Network File System
allows an au ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56649 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56648 (Time-of-check time-of-use (toctou) race condition in Windows
Network F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56647 (Integer overflow or wraparound in Windows Remote Access
Service Infras ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56644 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56643 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56642 (Stack-based buffer overflow in Microsoft Fabric Data Warehouse
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56451 (A vulnerability has been identified in Opcenter X (All
versions < V260 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2026-56197 (Improper neutralization of special elements used in a command
('comman ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56196 (Relative path traversal in Windows Admin Center allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56195 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56194 (Heap-based buffer overflow in Windows Network File System
allows an au ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56193 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56192 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56190 (Use of uninitialized resource in Windows RDP allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56189 (Heap-based buffer overflow in Microsoft Windows Media
Foundation allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56188 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56187 (Use after free in Windows MIDI Service Module allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56186 (Out-of-bounds read in Windows Schannel allows an authorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56185 (Improper authentication in Windows Admin Center allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56184 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56183 (Use after free in Windows MIDI Service Module allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56182 (Integer overflow or wraparound in Windows NTFS allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56181 (Origin validation error in Windows Network Address Translation
(NAT) a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56178 (Time-of-check time-of-use (toctou) race condition in Microsoft
Defende ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56176 (Out-of-bounds read in Windows Win32K - GRFX allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56175 (Heap-based buffer overflow in Windows NTFS allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56173 (Use after free in Windows WebView allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56170 (Allocation of resources without limits or throttling in
ASP.NET Core a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56169 (Improper authentication in Windows Admin Center allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56168 (Null pointer dereference in Windows SMB Server allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56164 (Missing authentication for critical function in Microsoft
Office Share ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56159 (Heap-based buffer overflow in Windows DHCP Server allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56157 (Improper access control in Microsoft Office SharePoint allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56156 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-56155 (Insufficient granularity of access control in Active Directory
Federat ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55954 (Authentication Bypass by Spoofing vulnerability in ueberauth
ueberauth ...)
TODO: check
CVE-2026-55949 (Use of uninitialized resource in Microsoft Office Excel allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55948 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55947 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55944 (Deserialization of untrusted data in Microsoft Dynamics NAV
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55899 (Stack-based buffer overflow in Microsoft Office Excel allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55898 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55651 (Easy!Appointments is a self hosted appointment scheduler. In
version 1 ...)
TODO: check
CVE-2026-55145 (Improper neutralization of special elements used in a command
('comman ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55144 (Missing cryptographic step in Windows CryptoAPI allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55142 (Numeric truncation error in Microsoft Office Word allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55141 (Stack-based buffer overflow in Microsoft Office Excel allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55140 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55139 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55138 (Untrusted pointer dereference in Microsoft Office Excel allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55137 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55136 (Untrusted pointer dereference in Microsoft Office Excel allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55135 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55134 (Stack-based buffer overflow in Microsoft Office Word allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55133 (Heap-based buffer overflow in Microsoft Office OneNote allows
an unaut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55132 (Double free in Microsoft Office Word allows an unauthorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55131 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55130 (Heap-based buffer overflow in Microsoft Office Word allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55129 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55128 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55127 (Heap-based buffer overflow in Microsoft Office Word allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55126 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55125 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55124 (Improper validation of specified type of input in Microsoft
Office Wor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55123 (Heap-based buffer overflow in Microsoft Office PowerPoint
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55122 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55121 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55120 (Heap-based buffer overflow in Microsoft Office PowerPoint
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55058 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55057 (Integer overflow or wraparound in Microsoft Office allows an
unauthori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55056 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55055 (Stack-based buffer overflow in Microsoft Office Word allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55054 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55053 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55052 (Missing authorization in Microsoft Office SharePoint allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55051 (Server-side request forgery (ssrf) in Microsoft Office
SharePoint allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55050 (Out-of-bounds read in Microsoft Office Word allows an
unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55049 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55048 (Integer overflow or wraparound in Microsoft Office Excel
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55047 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55046 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55045 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55044 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55043 (Heap-based buffer overflow in Microsoft Office PowerPoint
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55042 (Use of uninitialized resource in Microsoft Office allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55041 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55040 (Weak authentication in Microsoft Office SharePoint allows an
unauthori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55039 (Integer underflow (wrap or wraparound) in Microsoft Office
Excel allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55038 (Stack-based buffer overflow in Microsoft Office Word allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55037 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55036 (Buffer over-read in Microsoft Office Excel allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55035 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55034 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55033 (Integer overflow or wraparound in Microsoft Office Word allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55032 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55031 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55030 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55029 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55028 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55027 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55026 (Integer overflow or wraparound in Microsoft Office allows an
unauthori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55025 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55024 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55023 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55022 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55021 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55020 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55019 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55018 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55017 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55016 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55014 (Improper access control in Windows Remote Help Defense allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55012 (Integer overflow or wraparound in Microsoft Defender allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55011 (Integer underflow (wrap or wraparound) in Microsoft Defender
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55010 (Heap-based buffer overflow in Minecraft Bedrock Dedicated
Server allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55009 (Deserialization of untrusted data in Microsoft Exchange Server
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55008 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55006 (Insufficient granularity of access control in Microsoft
Exchange Serve ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55005 (Heap-based buffer overflow in Microsoft Exchange Server allows
an auth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55004 (Double free in Microsoft Printer Drivers allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55003 (Use of uninitialized resource in Windows RDP allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55002 (External control of file name or path in SQL Server allows an
authoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55001 (Improper certificate validation in Windows Active Directory
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-55000 (Use after free in Windows USB Print Driver allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54999 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54997 (Use of uninitialized resource in Windows SMB allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54996 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54995 (Use after free in Reliable Multicast Transport Driver (RMCAST)
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54993 (Heap-based buffer overflow in Microsoft Windows Media
Foundation allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54992 (Heap-based buffer overflow in Windows Message Queuing Queue
Manager al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54991 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54990 (Heap-based buffer overflow in Remote Desktop Client allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54989 (Use after free in Quality Windows Audio/Video Experience
(QWAVE) servi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54988 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54987 (Heap-based buffer overflow in Windows Overlay Filter allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54986 (Heap-based buffer overflow in Windows Win32K allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54983 (Stack-based buffer overflow in Active Directory Federation
Services (A ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54982 (Integer underflow (wrap or wraparound) in Reliable Multicast
Transport ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54684 (jadx is a Dex to Java decompiler. From 1.5.2 to 1.5.5, a
malicious .xa ...)
TODO: check
CVE-2026-54572 (Rclone is a command-line program to sync files and directories
to and ...)
TODO: check
CVE-2026-54429 (A vulnerability has been identified in SIMATIC S7-PLCSIM
Advanced (All ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2026-54132 (Heap-based buffer overflow in Windows Kernel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54131 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54129 (Use after free in Windows Hyper-V allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54128 (Use after free in Windows DHCP Client allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54127 (Use after free in Windows Hyper-V allows an unauthorized
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54126 (Out-of-bounds read in Windows RDP allows an unauthorized
attacker to d ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54125 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54124 (Integer overflow or wraparound in Windows Terminal allows an
unauthori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54122 (Heap-based buffer overflow in Windows GDI+ allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54121 (Improper authorization in Active Directory Certificate
Services (AD CS ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54119 (Loop with unreachable exit condition ('infinite loop') in
Windows Acti ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54118 (Deserialization of untrusted data in SQL Server allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54117 (Deserialization of untrusted data in SQL Server allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54116 (Access of resource using incompatible type ('type confusion')
in SQL S ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54115 (Integer overflow or wraparound in Windows Active Directory
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54114 (Use after free in Windows Win32K allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54112 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54111 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54109 (Integer overflow or wraparound in Windows Resilient File
System (ReFS) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54108 (External control of file name or path in Microsoft Office
SharePoint a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54107 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-54058 (Pillow is a Python imaging library. Prior to 12.3.0, when
Pillow loads ...)
TODO: check
CVE-2026-53633 (Vitest is a testing framework powered by Vite. From 3.0.0
until 3.2.5, ...)
TODO: check
CVE-2026-53566 (Out-of-bounds read vulnerability in Citrix Citrix Secure
Access Client ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2026-53565 (Improper Privilege Management vulnerability in Citrix Secure
Access Cl ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2026-53486 (The decompress package for Node.js extracts archives. Prior to
10.2.1 ...)
TODO: check
CVE-2026-52841 (Easy!Appointments is a self hosted appointment scheduler. In
versions ...)
@@ -639,529 +639,529 @@ CVE-2026-51807 (Buffer Overflow vulnerability in
OpenHTJ2K v.0.18.4 and before a
CVE-2026-51105 (Buffer Overflow vulnerability in aMULE-Project aMule v.2.3.3
allows a ...)
TODO: check
CVE-2026-50697 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50696 (Heap-based buffer overflow in Windows Internet Key Exchange
(IKE) Prot ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50695 (Stack-based buffer overflow in Active Directory Federation
Services al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50694 (Use after free in Windows Secure Socket Tunneling Protocol
(SSTP) allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50692 (Heap-based buffer overflow in Desktop Window Manager allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50690 (Use of uninitialized resource in Windows SMB allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50689 (Use after free in Windows Clipboard Server allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50688 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50687 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50686 (Access of resource using incompatible type ('type confusion')
in Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50685 (Double free in Windows DHCP Server allows an authorized
attacker to ex ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50684 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50683 (Heap-based buffer overflow in Windows DHCP Server allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50682 (Out-of-bounds read in Windows Active Directory allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50681 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50680 (Heap-based buffer overflow in Windows Hyper-V allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50679 (Heap-based buffer overflow in Microsoft Windows Search
Component allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50678 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50677 (Use after free in Windows Media allows an authorized attacker
to eleva ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50676 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50675 (Heap-based buffer overflow in Microsoft Office Excel allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50674 (Use after free in Windows USB Print Driver allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50673 (Null pointer dereference in Windows Kernel allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50672 (Use after free in Windows NTFS allows an authorized attacker
to elevat ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50670 (Out-of-bounds read in Windows Kernel allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50669 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50668 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50667 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50666 (Use after free in Windows Remote Access Connection Manager
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50665 (Out-of-bounds read in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50663 (Relative path traversal in Age of Empires II: Definitive
Edition Game ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50661 (Protection mechanism failure in Windows BitLocker allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50659 (Improper encoding or escaping of output in .NET allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50658 (Time-of-check time-of-use (toctou) race condition in Microsoft
Defende ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50657 (Exposure of private personal information to an unauthorized
actor in M ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50655 (Heap-based buffer overflow in Windows Media allows an
unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50653 (Loop with unreachable exit condition ('infinite loop') in
Azure Active ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50652 (Deserialization of untrusted data in Azure Active Directory
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50651 (Allocation of resources without limits or throttling in .NET
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50650 (Improper control of generation of code ('code injection') in
.NET Fram ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50649 (Deserialization of untrusted data in .NET allows an
unauthorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50648 (Allocation of resources without limits or throttling in .NET
Framework ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50647 (Loop with unreachable exit condition ('infinite loop') in
Active Direc ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50646 (Protection mechanism failure in .NET Framework allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50528 (Incorrect authorization in .NET allows an unauthorized
attacker to byp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50527 (Stack-based buffer overflow in .NET Framework allows an
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50526 (Improper link resolution before file access ('link following')
in .NET ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50525 (Allocation of resources without limits or throttling in .NET
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50524 (Improper validation of specified type of input in .NET
Framework allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50522 (Deserialization of untrusted data in Microsoft Office
SharePoint allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50520 (Improper neutralization of special elements used in a command
('comman ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50518 (Heap-based buffer overflow in Windows DHCP Server allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50510 (Improper restriction of names for files and other resources in
Github ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50509 (Deserialization of untrusted data in Windows Wireless Wide
Area Networ ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50506 (Allocation of resources without limits or throttling in
ASP.NET Core a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50505 (Use after free in Windows Message Queuing allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50504 (Buffer over-read in Remote Desktop Client allows an
unauthorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50503 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50502 (Insufficient granularity of access control in Windows Event
Logging Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50501 (Stack-based buffer overflow in Windows Resilient File System
(ReFS) al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50500 (Use after free in Windows Netlogon allows an authorized
attacker to el ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50499 (Heap-based buffer overflow in Windows Print Spooler Components
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50498 (Windows Universal Disk Format File System Driver (UDFS)
Elevation of P ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50497 (Off-by-one error in Windows Remote Desktop Protocol allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50496 (Out-of-bounds read in Windows Network Policy Server SNMP
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50495 (Improper access control in Microsoft Windows DNS allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50494 (Heap-based buffer overflow in Windows NTFS allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50493 (Use after free in Windows Graphics Kernel allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50492 (Heap-based buffer overflow in Windows Resilient File System
(ReFS) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50491 (Out-of-bounds read in Code Integrity DLL (ci.dll) allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50490 (Use after free in Windows Installer allows an authorized
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50489 (Heap-based buffer overflow in Windows Win32K allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50488 (Improper neutralization of special elements used in a command
('comman ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50487 (Use after free in Microsoft Windows DNS allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50486 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50485 (Buffer over-read in Windows Hyper-V allows an authorized
attacker to d ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50484 (Heap-based buffer overflow in Windows Kernel allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50483 (Exposure of sensitive information to an unauthorized actor in
Microsof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50482 (Heap-based buffer overflow in Windows NTFS allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50480 (Heap-based buffer overflow in Windows Web Proxy Auto-Discovery
Protoco ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50479 (Untrusted pointer dereference in Windows USB Hub Driver allows
an auth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50478 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50477 (Heap-based buffer overflow in Windows Kernel allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50476 (Use after free in Microsoft Windows allows an authorized
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50475 (Buffer over-read in Windows Kernel allows an authorized
attacker to di ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50474 (Use after free in Remote Desktop Client allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50473 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50471 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50470 (Out-of-bounds read in Windows Network Policy Server SNMP
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50469 (Improper link resolution before file access ('link following')
in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50468 (Buffer over-read in SQL Server allows an authorized attacker
to disclo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50467 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50466 (Use after free in Windows Brokering File System allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50465 (Improper access control in Microsoft Windows DNS allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50463 (Out-of-bounds read in Windows Kernel allows an unauthorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50462 (External control of file name or path in Windows Ancillary
Function Dr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50461 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50460 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50459 (Use after free in Windows Kernel allows an unauthorized
attacker to el ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50458 (Use after free in Microsoft Brokering File System allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50457 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50456 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50455 (Use of uninitialized resource in Universal Plug and Play
(upnp.dll) al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50454 (Relative path traversal in Windows User Interface Core allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50453 (Out-of-bounds read in Windows USB Audio Class driver
(usbaudio.sys) al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50452 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50451 (Missing authentication for critical function in Windows
Routing and Re ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50450 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50449 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50448 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50447 (Heap-based buffer overflow in Windows Message Queuing allows
an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50445 (Buffer over-read in Windows RDP allows an unauthorized
attacker to dis ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50444 (Missing authentication for critical function in Windows Server
Update ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50442 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50441 (Untrusted pointer dereference in Windows Resilient File System
(ReFS) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50440 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50439 (Use after free in Microsoft Message Queuing Queue Manager
allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50438 (Improper link resolution before file access ('link following')
in Micr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50437 (Out-of-bounds read in Windows DWM Core Library allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50436 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50435 (Buffer over-read in Windows Overlay Filter allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50434 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50433 (Use after free in Windows Media allows an authorized attacker
to eleva ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50432 (Use after free in Windows Virtual Filtering Platform (VFP)
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50431 (Windows Quality of Service (QoS) Packet Scheduler Information
Disclosu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50430 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50429 (Out-of-bounds read in Windows Kernel allows an unauthorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50428 (Out-of-bounds read in Windows Container Isolation FS Filter
Driver (un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50427 (Use after free in Content Delivery Manager allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50426 (Relative path traversal in DNS Server allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50425 (Use after free in Windows Internal System User Profile allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50424 (Untrusted pointer dereference in Windows Domain Controller
allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50423 (Improper access control in Windows Kernel allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50422 (Out-of-bounds read in Windows NTFS allows an authorized
attacker to el ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50421 (Access of resource using incompatible type ('type confusion')
in Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50420 (Out-of-bounds read in Windows HTTP.sys allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50419 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50418 (Improper access control in Windows System allows an
unauthorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50417 (Heap-based buffer overflow in Windows NTFS allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50416 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50415 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50414 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50413 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50412 (Stack-based buffer overflow in Windows NTFS allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50411 (Stack-based buffer overflow in Active Directory Federation
Services (A ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50410 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50409 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50408 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50407 (Heap-based buffer overflow in Windows Resilient File System
(ReFS) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50406 (Use after free in Windows Backup Engine allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50405 (Insufficient granularity of access control in Windows
Filtering Platfo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50404 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50403 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50402 (Incorrect conversion between numeric types in Windows NTFS
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50401 (Out-of-bounds read in Windows Cloud Files Mini Filter Driver
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50400 (Stack-based buffer overflow in Windows App Installer allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50399 (Out-of-bounds read in Windows Kernel allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50398 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50397 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50396 (Use after free in Windows Kernel-Mode Drivers allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50394 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50393 (Use after free in Windows Kernel-Mode Drivers allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50392 (Use after free in Windows Secure Kernel Mode allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50391 (Improper privilege management in Windows Group Policy allows
an author ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50390 (Access of resource using incompatible type ('type confusion')
in Windo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50389 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50388 (Out-of-bounds read in Windows NTFS allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50387 (Stack-based buffer overflow in Windows GDI allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50386 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50385 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50384 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50383 (Buffer over-read in Windows Print Spooler Components allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50382 (Untrusted pointer dereference in Windows DirectX allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50381 (Access of resource using incompatible type ('type confusion')
in Compo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50380 (Heap-based buffer overflow in Windows GDI+ allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50379 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50378 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50377 (Out-of-bounds read in Windows Kernel allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50376 (Use of uninitialized resource in Windows RDP allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50375 (Heap-based buffer overflow in Windows DirectX allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50374 (Use after free in Windows Cloud Files Mini Filter Driver
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50373 (Improper access control in Microsoft Windows Search Component
allows a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50372 (Buffer over-read in Windows Redirected Drive Buffering allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50371 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50370 (Heap-based buffer overflow in Windows DHCP Server allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50369 (Use after free in Windows Remote Desktop Services allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50368 (Stack-based buffer overflow in Active Directory Federation
Services al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50367 (Incorrect access of indexable resource ('range error') in
Windows Sens ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50366 (Null pointer dereference in Active Directory Domain Services
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50365 (Improper authentication in Windows RPC API allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50364 (Improper link resolution before file access ('link following')
in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50363 (Heap-based buffer overflow in Windows Push Notifications
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50362 (Heap-based buffer overflow in Windows Resilient File System
(ReFS) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50361 (Double free in Microsoft Brokering File System allows an
authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50360 (Incorrect implementation of authentication algorithm in
Windows SMB Se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50359 (Use after free in Microsoft XML Core Services allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50358 (Use after free in Windows Media allows an authorized attacker
to eleva ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50357 (Numeric truncation error in Windows Resilient File System
(ReFS) allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50356 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50355 (Stack-based buffer overflow in Active Directory Federation
Services al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50354 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50353 (Use after free in Windows DirectX allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50352 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50351 (Improper access control in Windows Audio Compression Manager
(ACM) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50350 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50348 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50347 (Heap-based buffer overflow in Windows Data dll allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50346 (Improper authorization in RPC Runtime allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50345 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50344 (Improper authorization in Windows OLE allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50343 (Improper privilege management in Microsoft Install Service
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50342 (Improper access control in Windows MIDI Service Module allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50341 (Buffer over-read in Windows NTFS allows an authorized attacker
to disc ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50340 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50339 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50338 (Improper authentication in Azure Spring Apps allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50337 (Incorrect type conversion or cast in Windows Notification
allows an au ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50336 (Heap-based buffer overflow in Windows Media allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50335 (Improper access control in Windows Operating Systems allows an
authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50334 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50333 (Missing authentication for critical function in Windows
Spaceport.sys ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50332 (Heap-based buffer overflow in Windows Kernel allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50331 (Use after free in Windows Application Model allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50330 (Heap-based buffer overflow in Remote Desktop Client allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50329 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50328 (Uncaught exception in Windows Server Update Service allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50327 (Heap-based buffer overflow in Windows Media allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50326 (Use after free in Windows Unified Consent System allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50325 (Improper access control in Windows Win32K allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50324 (Loop with unreachable exit condition ('infinite loop') in
Active Direc ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50323 (Use after free in Windows Runtime allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50322 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50321 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50318 (Stack-based buffer overflow in Windows Resilient File System
(ReFS) al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50317 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50316 (Insertion of sensitive information into log file in Windows
Kernel all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50315 (Null pointer dereference in Windows Image Acquisition allows
an author ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50314 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50313 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50312 (Use after free in Windows Ancillary Function Driver for
WinSock allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50311 (Improper access control in Windows Server allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50310 (Integer overflow or wraparound in Windows Devices Human
Interface allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50309 (Heap-based buffer overflow in Windows NTFS allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50308 (Integer underflow (wrap or wraparound) in Windows NTFS allows
an unaut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50307 (Use after free in Windows TCP/IP allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50306 (Use after free in Windows TCP/IP allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50305 (Use after free in Microsoft Brokering File System allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50304 (Stack-based buffer overflow in Active Directory Federation
Services al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50303 (Use of a cryptographic primitive with a risky implementation
in Window ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50302 (Improper certificate validation in Windows Cryptographic
Services allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50301 (Heap-based buffer overflow in Microsoft Office allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50300 (Integer underflow (wrap or wraparound) in Windows Kernel
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50299 (Integer overflow or wraparound in Windows Storage Spaces
Direct allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50298 (Integer overflow or wraparound in Windows Spaceport.sys allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50297 (Improper access control in Windows Win32K allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50296 (Use after free in Graphics Kernel allows an authorized
attacker to ele ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50295 (Improper privilege management in Microsoft Windows DNS allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50294 (Exposure of sensitive system information to an unauthorized
control sp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50293 (Use after free in Windows Internal Task Bar allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-50130 (Pi-hole is a DNS sinkhole that protects devices from unwanted
content ...)
TODO: check
CVE-2026-4018 (TOCTOU Race Condition in specific trace commands of the
TraceEvent() s ...)
- TODO: check
+ NOT-FOR-US: Blackberry
CVE-2026-4017 (Buffer Overflow in the entry handler of the TraceEvent() system
call c ...)
- TODO: check
+ NOT-FOR-US: Blackberry
CVE-2026-49981 (Twig is a template language for PHP. Prior to 3.27.0, the
per-template ...)
TODO: check
CVE-2026-49978 (DOMPurify is a DOM-only cross-site scripting sanitizer for
HTML, MathM ...)
@@ -1173,53 +1173,53 @@ CVE-2026-49854 (Tornado is a Python web framework and
asynchronous networking li
CVE-2026-49853 (Tornado is a Python web framework and asynchronous networking
library. ...)
TODO: check
CVE-2026-49808 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49807 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49806 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49805 (Improper access control in Windows Win32K allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49804 (Heap-based buffer overflow in Windows USB Video Driver allows
an unaut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49803 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49802 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49801 (Use of uninitialized resource in Windows SMB allows an
authorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49800 (Integer overflow or wraparound in Windows Web Proxy
Auto-Discovery Pro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49799 (Uncontrolled resource consumption in Windows Local Security
Authority ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49798 (Use after free in Windows Kernel allows an unauthorized
attacker to el ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49797 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49796 (Heap-based buffer overflow in Windows GDI+ allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49795 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49794 (Out-of-bounds read in Windows USB Audio Class driver
(usbaudio.sys) al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49793 (Heap-based buffer overflow in Windows Resilient File System
(ReFS) all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49792 (Numeric truncation error in Windows Resilient File System
(ReFS) allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49791 (Improper link resolution before file access ('link following')
in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49790 (Windows Universal Disk Format File System Driver (UDFS)
Elevation of P ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49789 (Stack-based buffer overflow in Windows NTFS allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49788 (Allocation of resources without limits or throttling in HTTP/2
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49787 (Allocation of resources without limits or throttling in
Windows HTTP.s ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49784 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49783 (Improperly implemented security check for standard in Windows
Secure B ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49477 (Soup Sieve is a CSS selector library designed to be used with
Beautifu ...)
TODO: check
CVE-2026-49476 (Soup Sieve is a CSS selector library designed to be used with
Beautifu ...)
@@ -1229,45 +1229,45 @@ CVE-2026-49459 (DOMPurify is a DOM-only cross-site
scripting sanitizer for HTML,
CVE-2026-49458 (DOMPurify is a DOM-only cross-site scripting sanitizer for
HTML, MathM ...)
TODO: check
CVE-2026-49184 (Heap-based buffer overflow in Windows NTFS allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49183 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49181 (Integer underflow (wrap or wraparound) in Windows DHCP Client
allows a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49180 (Improper link resolution before file access ('link following')
in Univ ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49178 (Heap-based buffer overflow in Active Directory Domain Services
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49177 (Out-of-bounds read in Windows TCP/IP allows an authorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49176 (Improper privilege management in Windows WalletService allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49175 (Heap-based buffer overflow in Windows DNS allows an authorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49174 (Missing authentication for critical function in Microsoft
Windows DNS ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49173 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49172 (Heap-based buffer overflow in Windows FTP Service allows an
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49171 (Use after free in Microsoft Windows Speech allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49170 (Insufficient granularity of access control in Windows
StateRepository ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49169 (Use after free in DNS Server allows an authorized attacker to
execute ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49168 (Integer overflow or wraparound in Windows Storage Spaces
Direct allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49167 (Use after free in Windows Kernel allows an authorized attacker
to elev ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49166 (Use after free in Microsoft Printer Drivers allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49165 (Use of uninitialized resource in Microsoft Windows App Store
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49164 (Heap-based buffer overflow in Active Directory Domain Services
allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-49162 (Use after free in Microsoft Brokering File System allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48816 (sigstore-js provides JavaScript libraries for interacting with
Sigstor ...)
TODO: check
CVE-2026-48815 (sigstore-js provides JavaScript libraries for interacting with
Sigstor ...)
@@ -1277,159 +1277,159 @@ CVE-2026-48801 (linkify-it is a links recognition
library with full Unicode supp
CVE-2026-48758 (sigstore-js provides JavaScript libraries for interacting with
Sigstor ...)
TODO: check
CVE-2026-48581 (Insufficient granularity of access control in Microsoft
Surface allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48580 (Untrusted pointer dereference in Microsoft Office Excel allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48572 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48571 (Use after free in Windows App Installer allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48564 (Heap-based buffer overflow in Windows DHCP Server allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48561 (Improper neutralization of special elements used in a command
('comman ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-48371 (Adobe Commerce is affected by a stored Cross-Site Scripting
(XSS) vuln ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48370 (Media Encoder is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48369 (Premiere Pro is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48368 (Audition is affected by an out-of-bounds write vulnerability
that coul ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48367 (After Effects is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48366 (Media Encoder is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48365 (Audition is affected by an out-of-bounds write vulnerability
that coul ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48359 (Adobe Experience Manager is affected by an Improper
Restriction of XML ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48358 (Adobe Commerce is affected by an Improper Encoding or Escaping
of Outp ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48357 (CAI Content Credentials is affected by an Uncontrolled
Resource Consum ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48356 (Adobe Commerce is affected by an Unrestricted Upload of File
with Dang ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48355 (Adobe Experience Manager is affected by a stored Cross-Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48354 (CAI Content Credentials is affected by an Integer Overflow or
Wraparou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48353 (CAI Content Credentials is affected by an Improper Input
Validation vu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48352 (CAI Content Credentials is affected by an Improper Input
Validation vu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48351 (CAI Content Credentials is affected by an Improper Input
Validation vu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48350 (Animate is affected by an Improper Limitation of a Pathname to
a Restr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48349 (Animate is affected by an Incorrect Authorization
vulnerability that c ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48348 (Animate is affected by an Incorrect Authorization
vulnerability that c ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48347 (Animate is affected by an Improper Neutralization of Special
Elements ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48346 (Animate is affected by an Untrusted Search Path vulnerability
that cou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48345 (Animate is affected by an Improper Neutralization of Special
Elements ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48344 (Creative Cloud Desktop is affected by a Time-of-check
Time-of-use (TOC ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48343 (Bridge is affected by an out-of-bounds write vulnerability
that could ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48342 (Bridge is affected by an Integer Overflow or Wraparound
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48341 (Bridge is affected by an out-of-bounds write vulnerability
that could ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48340 (Bridge is affected by an Untrusted Pointer Dereference
vulnerability t ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48339 (Bridge is affected by a Heap-based Buffer Overflow
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48338 (ColdFusion is affected by an Improper Limitation of a Pathname
to a Re ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48337 (Illustrator is affected by an out-of-bounds write
vulnerability that c ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48336 (Illustrator is affected by an out-of-bounds write
vulnerability that c ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48335 (Illustrator is affected by an out-of-bounds write
vulnerability that c ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48334 (Illustrator is affected by an Improper Input Validation
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48332 (ColdFusion is affected by a Server-Side Request Forgery (SSRF)
vulnera ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48329 (ColdFusion is affected by an Insufficient Session Expiration
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48328 (ColdFusion is affected by an Improper Input Validation
vulnerability t ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48327 (ColdFusion is affected by an Incorrect Authorization
vulnerability tha ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48325 (ColdFusion is affected by a Missing Authentication for
Critical Functi ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48324 (ColdFusion is affected by an Improper Neutralization of
Special Elemen ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48322 (ColdFusion is affected by an Improper Control of Generation of
Code (' ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48321 (ColdFusion is affected by an Incorrect Authorization
vulnerability tha ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48320 (ColdFusion is affected by a reflected Cross-Site Scripting
(XSS) vulne ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48319 (ColdFusion is affected by an Improper Limitation of a Pathname
to a Re ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48318 (ColdFusion is affected by an Improper Limitation of a Pathname
to a Re ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48312 (CAI Content Credentials is affected by an Improper Input
Validation vu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48311 (Bridge is affected by an out-of-bounds write vulnerability
that could ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48310 (Adobe Experience Manager is affected by an Improper Limitation
of a Pa ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48309 (Audition is affected by an out-of-bounds write vulnerability
that coul ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48308 (Premiere Pro is affected by an Improper Input Validation
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48302 (CAI Content Credentials is affected by an Improper Input
Validation vu ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48298 (CAI Content Credentials is affected by an Integer Underflow
(Wrap or W ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48296 (CAI Content Credentials is affected by an Integer Underflow
(Wrap or W ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48295 (CAI Content Credentials is affected by an Insufficiently
Protected Cre ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48290 (CAI Content Credentials is affected by a Server-Side Request
Forgery ( ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48287 (CAI Content Credentials is affected by an Untrusted Search
Path vulner ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48284 (ColdFusion is affected by an Improper Input Validation
vulnerability t ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48275 (Illustrator is affected by an Untrusted Search Path
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48274 (After Effects is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48272 (Creative Cloud Desktop is affected by an Uncontrolled Search
Path Elem ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48270 (Premiere Pro is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48269 (Premiere Pro is affected by a Heap-based Buffer Overflow
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48263 (Adobe Experience Manager is affected by a stored Cross-Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48262 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48261 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48260 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48259 (Adobe Experience Manager is affected by a Server-Side Request
Forgery ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48257 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48255 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48254 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48253 (Adobe Experience Manager is affected by a DOM-based Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48252 (Adobe Experience Manager is affected by a Missing
Authentication for C ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48125 (UAParser.js is a JavaScript library to detect browsers,
operating syst ...)
TODO: check
CVE-2026-48069 (@grpc/grps-js implements the core functionality of gRPC purely
in Java ...)
@@ -1439,39 +1439,39 @@ CVE-2026-48068 (@grpc/grps-js implements the core
functionality of gRPC purely i
CVE-2026-48038 (joi is a schema description language and data validator for
JavaScript ...)
TODO: check
CVE-2026-48001 (Adobe Commerce is affected by an Information Exposure
vulnerability th ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-48000 (Adobe Commerce is affected by an Improper Redirect (Open
Redirect) vul ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47999 (Adobe Commerce is affected by a stored Cross-Site Scripting
(XSS) vuln ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47998 (Adobe Commerce is affected by an Incorrect Authorization
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47997 (Adobe Commerce is affected by an Incorrect Authorization
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47996 (Adobe Commerce is affected by an Incorrect Authorization
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47995 (Adobe Commerce is affected by a stored Cross-Site Scripting
(XSS) vuln ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47994 (Adobe Commerce is affected by a stored Cross-Site Scripting
(XSS) vuln ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47992 (Adobe Commerce is affected by an Improper Neutralization of
Special El ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47988 (Adobe Commerce is affected by an Incorrect Authorization
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47984 (Adobe Commerce is affected by an Incorrect Authorization
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47979 (Media Encoder is affected by an out-of-bounds read
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47976 (Media Encoder is affected by an out-of-bounds write
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47971 (Media Encoder is affected by a Stack-based Buffer Overflow
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47969 (Audition is affected by an out-of-bounds read vulnerability
that could ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47968 (Audition is affected by an out-of-bounds write vulnerability
that coul ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47967 (Audition is affected by an out-of-bounds write vulnerability
that coul ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-47767 (Symfony is a PHP framework for web and console applications
and a set ...)
TODO: check
CVE-2026-47737 (Puma is a Ruby/Rack web server built for parallelism. From
5.5.0 until ...)
@@ -1479,33 +1479,33 @@ CVE-2026-47737 (Puma is a Ruby/Rack web server built
for parallelism. From 5.5.0
CVE-2026-47736 (Puma is a Ruby/Rack web server built for parallelism. From
5.5.0 until ...)
TODO: check
CVE-2026-47642 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47632 (Improper certificate validation in Azure Monitor Agent allows
an unaut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47482 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47481 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47480 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47479 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47478 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47477 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47476 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47475 (NVIDIA TensorRT-LLM contains a vulnerability in the
OpenAI-compatible ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47473 (NVIDIA TensorRT-LLM contains a vulnerability where an attacker
could c ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47472 (NVIDIA TensorRT-LLM contains a vulnerability in its
inter-process comm ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47471 (NVIDIA TensorRT-LLM for any platform contains a vulnerability
in tenso ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47470 (NVIDIA TensorRT-LLM for any platform contains a vulnerability
in the g ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-47429 (Vitest is a testing framework powered by Vite. Prior to 3.2.5
and 4.1. ...)
TODO: check
CVE-2026-47428 (Vitest is a testing framework powered by Vite. From 4.0.17
until 4.1.6 ...)
@@ -1513,57 +1513,57 @@ CVE-2026-47428 (Vitest is a testing framework powered
by Vite. From 4.0.17 until
CVE-2026-47423 (DOMPurify is a DOM-only cross-site scripting sanitizer for
HTML, MathM ...)
TODO: check
CVE-2026-47305 (Protection mechanism failure in Visual Studio allows an
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47304 (Improper verification of cryptographic signature in .NET
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47303 (Authentication bypass by assumed-immutable data in ASP.NET
Core allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47302 (Allocation of resources without limits or throttling in .NET
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47301 (Improper access control in Microsoft Configuration Manager
allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47300 (Incorrect implementation of authentication algorithm in
ASP.NET Core a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47296 (Improper neutralization of special elements used in an sql
command ('s ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47295 (Improper neutralization of special elements used in an sql
command ('s ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47290 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-47282 (Insufficiently protected credentials in GitHub Copilot and
Visual Stud ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45646 (Allocation of resources without limits or throttling in
ASP.NET Core a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45496 (Improper limitation of a pathname to a restricted directory
('path tra ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-45363 (ruby-jwt is a Ruby implementation of the RFC 7519 OAuth JSON
Web Token ...)
TODO: check
CVE-2026-44806 (Missing release of memory after effective lifetime in Windows
Cryptogr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-44800 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-42990 (Heap-based buffer overflow in SQL Server ODBC driver allows an
unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-42982 (Improper validation of consistency within input in Windows
Secure Kern ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-42975 (Heap-based buffer overflow in Windows Bluetooth Port Driver
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-42936 (The installer of HYPER SBI 2 insecurely loads Dynamic Link
Libraries. ...)
TODO: check
CVE-2026-42900 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-42447 (jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx-gui is
affected ...)
TODO: check
CVE-2026-42049 (jadx is a Dex to Java decompiler. Prior to 1.5.6, jadx inserts
the and ...)
TODO: check
CVE-2026-41087 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-40422 (Use of uninitialized resource in Windows File Explorer allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-40400 (Relative path traversal in Windows PowerShell allows an
authorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-40378 (Memory allocation with excessive size value in Windows Local
Security ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-3014 (Milestone has released a new version of XProtect\xae (and
several cumu ...)
TODO: check
CVE-2026-38450 (An issue in Aetopia Digital Asset Management DAM v.1.0.0
allows a remo ...)
@@ -1573,41 +1573,41 @@ CVE-2026-36214 (osTicket versions from 1.10 up to
1.17.7 and from 1.18.0 up to 1
CVE-2026-36035 (Incorrect access control in the /api/License/deactivateOffline
endpoin ...)
TODO: check
CVE-2026-34349 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-34348 (Protection mechanism failure in Windows Event Logging Service
allows a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-34346 (Cleartext transmission of sensitive information in Windows
Ancillary F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-34328 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-33842 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2026-24272 (NVIDIA TensorRT contains a vulnerability where an attacker
might cause ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24271 (NVIDIA TensorRT-LLM contains a vulnerability in the
OpenAI-compatible ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24268 (NVIDIA TensorRT contains a vulnerability where an attacker
might cause ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24259 (NVIDIA TensorRT-LLM for Linux contains a vulnerability where
an attack ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24238 (NVIDIA TensorRT for contains a vulnerability where an attacker
might c ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24234 (NVIDIA TensorRT-LLM for Linux contains a vulnerability in the
multimod ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24233 (NVIDIA TensorRT-LLM for Linux contains a vulnerability in the
restrict ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24229 (NVIDIA TensorRT-LLM for Linux contains a vulnerability in the
disaggre ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24227 (NVIDIA TensorRT for contains a vulnerability where a user
might cause ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24226 (NVIDIA TensorRT-LLM for Linux contains a vulnerability where
an attack ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-24220 (NVIDIA TensorRT-LLM for any platform contains a vulnerability
in visua ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2026-23573 (An Improper Neutralization of Input During Web Page Generation
('Cross ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-21840 (HCL BigFix Platform is affected by a user enumeration
vulnerability wh ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2026-15778 (Insufficient validation of untrusted input in Navigation in
Google Chr ...)
TODO: check
CVE-2026-15777 (Use after free in UI in Google Chrome on Linux prior to
150.0.7871.125 ...)
@@ -1639,7 +1639,7 @@ CVE-2026-15765 (Use after free in Ozone in Google Chrome
prior to 150.0.7871.125
CVE-2026-15764 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
TODO: check
CVE-2026-15757 (A security flaw was discovered in the NETGEAR DGND3700v1 that
could al ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2026-15753 (A vulnerability was determined in zhinianboke
xianyu-auto-reply on Ser ...)
TODO: check
CVE-2026-15752 (A vulnerability was found in zhinianboke xianyu-auto-reply up
to dcb44 ...)
@@ -1651,13 +1651,13 @@ CVE-2026-15750 (A weakness has been identified in
mastergo-design mastergo-magic
CVE-2026-15749 (A security flaw has been discovered in mastergo-design
mastergo-magic- ...)
TODO: check
CVE-2026-15738 (Incorrect behavior order in the Gateway API listener-rule
generation i ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-15736 (Snowflake SQLAlchemy versions prior to 1.11.0 contain several
security ...)
TODO: check
CVE-2026-15720 (InOpen5GS through version 2.7.7 a pre-authenticationheap
out-of-bounds ...)
TODO: check
CVE-2026-15715 (A vulnerability was identified in SourceCodester Class and
Exam Timeta ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-15714 (An out-of-bounds read vulnerability was found in libsoup's
multipart p ...)
TODO: check
CVE-2026-15713 (A vulnerability was found in libsoup's HTTP/2 protocol
implementation. ...)
@@ -1669,13 +1669,13 @@ CVE-2026-15711 (A vulnerability was found in libsoup's
WebSocket frame parsing i
CVE-2026-15709 (A flaw was found in libsoup's WebSocket implementation when
using the ...)
TODO: check
CVE-2026-15703 (A vulnerability was detected in SourceCodester Simple and Nice
Shoppin ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-15702 (A security vulnerability has been detected in tamagui up to
2.3.0. Thi ...)
TODO: check
CVE-2026-15701 (A weakness has been identified in Totolink NR1800X
9.1.0u.6279_B202109 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-15700 (A security flaw has been discovered in DedeCMS 5.7.118.
Affected by th ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2026-15699 (A vulnerability was identified in spencermountain compromise
up to 14. ...)
TODO: check
CVE-2026-15698 (A vulnerability was determined in kofrasa mingo up to 7.2.1.
This impa ...)
@@ -1683,131 +1683,131 @@ CVE-2026-15698 (A vulnerability was determined in
kofrasa mingo up to 7.2.1. Thi
CVE-2026-15697 (A vulnerability was found in svgdotjs svg.js up to 3.2.5. This
affects ...)
TODO: check
CVE-2026-15696 (A vulnerability has been found in Tenda BE12 Pro 16.03.66.23.
The impa ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15695 (A flaw has been found in Tenda BE12 Pro 16.03.66.23. The
affected elem ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15694 (A vulnerability was detected in Tenda BE12 Pro 16.03.66.23.
Impacted i ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15693 (A security vulnerability has been detected in Tenda BE12 Pro
16.03.66. ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15692 (A weakness has been identified in Tenda BE12 Pro 16.03.66.23.
This vul ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15691 (A security flaw has been discovered in Tenda BE12 Pro
16.03.66.23. Thi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-15690 (A vulnerability was identified in open62541 up to 1.5.5.
Affected by t ...)
TODO: check
CVE-2026-15643 (AWS HealthLake MCP Server (awslabs.healthlake-mcp-server) is a
Model C ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-15642 (Insertion of sensitive information into a file in the Recovery
Kit res ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-15641 (Improper authorization in the access request status endpoint
in Devolu ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-15637 (Improper authorization in the PAM SSH key and certificate
retrieval e ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-15429 (A privilege escalation vulnerability exists in the HTTP
authentication ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-15428 (An OS command injection vulnerability exists in Archer VX800v
v1 due t ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-15427 (An OS command injection vulnerability exists in the TR-069 /
CWMP mana ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-15416 (A flaw was identified in Argo CD, the GitOps engine used by
Red Hat Op ...)
- TODO: check
+ NOT-FOR-US: Argo CD
CVE-2026-15410 (Post-authentication improper control of generation of code
('Code Inje ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2026-15409 (A Server-side request forgery (SSRF) vulnerability has been
identified ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2026-15389 (A vulnerability relating to insufficient access control has
been ident ...)
TODO: check
CVE-2026-15305 (Users were able to upload files with arbitrary MIME types to
forms usi ...)
- TODO: check
+ NOT-FOR-US: TYPO3 (core or extensions)
CVE-2026-15265 (A path traversal vulnerability in Tenable Agent 11.2.0 and
11.1.3 and ...)
TODO: check
CVE-2026-15183 (Multiple input validation vulnerabilities in the Snowflake
Spark Conne ...)
TODO: check
CVE-2026-15076 (In versions up to and including 4.5.29 (4.x branch) and 5.1.4
(5.x bra ...)
- TODO: check
+ NOT-FOR-US: Eclipse
CVE-2026-15075 (In Eclipse Vert.x versions up to and including 4.5.29 (4.x
branch) and ...)
- TODO: check
+ NOT-FOR-US: Eclipse
CVE-2026-15058 (Improper authorization in the secure messages deletion
endpoint in Dev ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2026-15030 (Out-of-bounds Read in ASUS System Control Interface v3, ASUS
System Co ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-15029 (Untrusted Pointer Dereference in ASUS System Control Interface
v3, ASU ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-14903 (Path traversal inIvantiXtractionbeforeversion2026.2.1allows a
remote a ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2026-14902 (An open redirect in IvantiXtractionbeforeversion2026.2.1allows
a remot ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2026-14852 (Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9,
2.4.0 b ...)
TODO: check
CVE-2026-14646 (Nexus Repository 3 did not apply its existing Server-Side
Request Forg ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2026-14645 (Nexus Repository 3 does not validate the destination of the
"Webhook: ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2026-14504 (An authorization bypass in Nexus Repository 3's component
upload API a ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2026-13699 (In Eclipse KUKSA Databroker version 0.6.1,
thekuksa.val.v2.VAL/Publish ...)
- TODO: check
+ NOT-FOR-US: Eclipse
CVE-2026-13585 (Allocation of Resources Without Limits and Throttling and
Sensitive In ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-13385 (An Improper Validation of Integrity Check Value and Improper
Certifica ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-13230 (An information disclosure vulnerability was identified in
TP-Link Kasa ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2026-13001 (The Podlove Podcast Publisher plugin for WordPress is
vulnerable to ar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12707 (Summary Cloudflare quiche was discovered to be vulnerable
to memory ...)
TODO: check
CVE-2026-12659 (A denial-of-service security issue exists in the affected
products. Th ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-12606 (Eclipse Grizzly in versions before 5.0.2, cannot properly
parse the tr ...)
TODO: check
CVE-2026-12588 (An attacker with access to an HX 10.0.0 and previous versions,
may sen ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2026-12523 (Summary Cloudflare quiche's HTTP/3 layer was discovered to
be vulne ...)
TODO: check
CVE-2026-12512 (The Quotes llama WordPress plugin before 3.1.6 does not
properly sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-12478 (The fix for CVE-2026-0716 (commit 6ff7ef0, libsoup 3.6.6)
placed the i ...)
TODO: check
CVE-2026-12281 (The Shibboleth WordPress plugin before 2.5.4 does not fail
closed when ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11944 (openSIS Classic 9.3 contains an authenticated path traversal
vulnerabi ...)
TODO: check
CVE-2026-11917 (A path traversal security issue exists within Rockwell
AutomationThinM ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-11851 (Improper Neutralization of Special Elements used in an SQL
Command ("S ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2026-11580 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder
WordPress p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11579 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder
WordPress p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-11403 (A vulnerability in Sonatype Nexus Repository Manager's
format-specific ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2026-10714 (A security issue exists within FactoryTalk\xae Services
Platform (FTSP ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-10672 (subsys/net/lib/lwm2m/lwm2m_pull_context.c copied the
firmware-update P ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-10671 (In Zephyr's kernel pipe implementation, the userspace syscall
verifier ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-10670 (The CONFIG_USERSPACE verification handler for the
k_thread_name_copy() ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-10669 (On Xtensa SoCs built with CONFIG_XTENSA_MPU and
CONFIG_USERSPACE, arch ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2026-10577 (A security issue exists within the 1715-AENTR EtherNet/IP
Adapter. The ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-10573 (A denial-of-service security issue exists in
1734POINTI/O\u2122module. ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2026-10051 (In Eclipse Jetty, a first HTTP/1.1 request with trailers
causes the se ...)
TODO: check
CVE-2026-0515 (Insufficient Parameter Validation in the SchedGet() system call
could ...)
- TODO: check
+ NOT-FOR-US: Blackberry
CVE-2025-8412 (A Buffer Copy without Checking Size of Input ('Classic Buffer
Overflow ...)
TODO: check
CVE-2025-62826 (An Improper Neutralization of CRLF Sequences in HTTP Headers
('HTTP Re ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-62675 (An Improper Neutralization of CRLF Sequences in HTTP Headers
('HTTP Re ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-56365 (A reachable assertion vulnerability exists in the Matter SDK
(connecte ...)
TODO: check
CVE-2025-56364 (A use of uninitialized value vulnerability exists in the
Matter SDK (c ...)
@@ -1819,17 +1819,17 @@ CVE-2025-56362 (A reachable assertion vulnerability
exists in the Matter SDK (co
CVE-2025-56361 (A reachable assertion vulnerability exists in the Matter SDK
(connecte ...)
TODO: check
CVE-2025-53379 (A out-of-bounds read vulnerability in Fortinet
FortiAuthenticator 6.6. ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-43892 (A buffer over-read vulnerability in Fortinet FortiOS 7.6.0
through 7.6 ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-40945 (A vulnerability has been identified in COMOS V10.4.5 (All
versions < V ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-12012 (A denial-of-service issue exists
in5380/5480/5580controllers.This vuln ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-12011 (A denial-of-service issue existsin5370/5570controllers. This
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-11698 (A denial-of-service issue exists
in5380/5480/5580controllersbootfirmwa ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-7708 (For requests that have a body, but reading the body may end up
in read ...)
TODO: check
CVE-2026-15719 (We are aware that exploit code for this is public however we
are not a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e97480210c6c6b7ba88ea1c0ac3c9675eadcd680
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e97480210c6c6b7ba88ea1c0ac3c9675eadcd680
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits