CVE-2026-3805 use after free in SMB connection reuse
Published March 13, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-3904
Published March 13, 2026
Information published.
CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability
Published March 13, 2026
Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-26030 GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable
Published March 13, 2026
Acknowledgement added. This is an informational change only.
CVE-2026-23239 espintcp: Fix race condition in espintcp_close()
Published March 12, 2026
Information published.
CVE-2026-23868
Published March 12, 2026
Information published.
CVE-2026-25679 Incorrect parsing of IPv6 host literals in net/url
Published March 12, 2026
Information published.
Chromium: CVE-2026-3537 Object lifecycle issue in PowerVR
Published March 12, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
Published March 12, 2026
Acknowledgement Updated
CVE-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Published March 12, 2026
Acknowledgement added. This is an informational change only.
