Microsoft Security Response Center Blog Alerts - Network Services Group

CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.

Published February 26, 2026

Information published.

CVE-2026-23225 sched/mmcid: Don't assume CID is CPU owned on mode switch

Published February 26, 2026

Information published.

CVE-2026-21620 TFTP Path Traversal

Published February 26, 2026

Information published.

CVE-2026-23224 erofs: fix UAF issue for file-backed mounts w/ directio option

Published February 26, 2026

Information published.

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Published February 26, 2026

Information published.

CVE-2026-23223 xfs: fix UAF in xchk_btree_check_block_owner

Published February 26, 2026

Information published.

CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

Published February 26, 2026

Information published.

CVE-2025-71230 hfs: ensure sb->s_fs_info is always cleaned up

Published February 26, 2026

Information published.

CVE-2026-23229 crypto: virtio – Add spinlock protection with virtqueue notification

Published February 26, 2026

Information published.

CVE-2025-11563 wcurl path traversal with percent-encoded slashes

Published February 26, 2026

Information published.

Privacy | General Terms & Conditions | Speed Test | Image Share | ASN

We use cookies to improve your experience. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Use.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.