CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability
Published March 6, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-23231 netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
Published March 5, 2026
Information published.
CVE-2025-71238 scsi: qla2xxx: Fix bsg_done() causing double free
Published March 5, 2026
Information published.
CVE-2026-23238 romfs: check sb_set_blocksize() return value
Published March 5, 2026
Information published.
CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks
Published March 5, 2026
Information published.
CVE-2025-68121 Unexpected session resumption in crypto/tls
Published March 5, 2026
Information published.
CVE-2026-0038 In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published March 5, 2026
Information published.
CVE-2026-3336 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC
Published March 5, 2026
Information published.
CVE-2026-3338 PKCS7_verify Signature Validation Bypass in AWS-LC
Published March 5, 2026
Information published.
CVE-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.
Published March 5, 2026
Information published.
