CVE-2025-71239 audit: add fchmodat2() to change attributes class
Published March 18, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-23241 audit: add missing syscalls to read class
Published March 18, 2026
Information published.
CVE-2026-32778
Published March 17, 2026
Information published.
CVE-2026-32776
Published March 17, 2026
Information published.
CVE-2026-32249 NFA regex engine NULL pointer dereference affects Vim < 9.2.0137
Published March 17, 2026
Information published.
Chromium: CVE-2026-3909 Out of bounds write in Skia
Published March 17, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information. Google is aware that an exploit for CVE-2026-3909 exists in the wild.
CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()
Published March 17, 2026
Information published.
CVE-2026-23066 rxrpc: Fix recvmsg() unconditional requeue
Published March 17, 2026
Information published.
CVE-2025-69648
Published March 17, 2026
Information published.
CVE-2025-69647
Published March 17, 2026
Information published.
