Microsoft Security Response Center Blog Alerts - Network Services Group

CVE-2026-32287 Infinite loop in github.com/antchfx/xpath

Published April 2, 2026

Information published.

CVE-2026-29785 NATS Server panic via malicious compression on leafnode port

Published April 2, 2026

Information published.

CVE-2026-33216 NATS has MQTT plaintext password disclosure

Published April 2, 2026

Information published.

CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

Published April 2, 2026

Information published.

CVE-2026-2436 Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake

Published April 2, 2026

Information published.

CVE-2026-4732 Out-of-bounds Read Overflow in tildearrow/furnace

Published April 2, 2026

Information published.

CVE-2026-4897 Polkit: polkit: denial of service via unbounded input processing through standard input

Published April 2, 2026

Information published.

CVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64

Published April 2, 2026

Information published.

CVE-2026-34043 Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

Published April 2, 2026

Information published.

CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

Published April 2, 2026

Information published.

Privacy | General Terms & Conditions | Speed Test | Image Share | ASN

We use cookies to improve your experience. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Use.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.