Microsoft MSRC
CVE-2026-46302 selinux: allow multiple opens of /sys/fs/selinux/policy
Information published.
vulnerability
Archive
Page 7 of 19 — 1128 stories total
Microsoft MSRC
CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46301 spi: topcliff-pch: fix use-after-free on unbind
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46312 media: videobuf2: Set vma_flags in vb2_dma_sg_mmap
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46282 iio: frequency: admv1013: fix NULL pointer dereference on str
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46274 io-wq: check that the predecessor is hashed in io_wq_remove_pending()
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46280 lib: test_hmm: evict device pages on file close to avoid use-after-free
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46285 mtd: docg3: fix use-after-free in docg3_release()
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46275 Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46292 pmdomain: core: Fix detach procedure for virtual devices in genpd
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46307 wifi: ath5k: do not access array OOB
Information published.
vulnerability
Microsoft MSRC
CVE-2026-46289 lib/scatterlist: fix length calculations in extract_kvec_to_sg
Information published.
vulnerability
Krebs on Security
A Record-Breaking Patch Tuesday for June 2026
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "criti...
vulnerabilitymicrosoft
Dark Reading
The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life
Former National Cyber Director Chris Inglis warns that cyberattacks threaten hospitals, utilities, and essential services.
Dark Reading
Blame AI: Patch Tuesday Hits Record 206 CVEs
Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.
vulnerability
Dark Reading
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address
“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's being actively abused in the wild.
zero daymicrosoft
Dark Reading
Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
microsoftsupply chain
Microsoft Security
Reconstructing AI activity in investigations
Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach. This playbook helps security teams reconstruct events, assess data exposure, and detect potential threats faster. The post Reconstructing AI activ...
microsoft
Dark Reading
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.
vulnerability
Actively exploitedCVE-2025-8088 · EPSS 81%
Schneier on Security
GPS As a Key Distribution Platform
This is interesting: The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden “numbers station,” according to Steven Murdoch… That means every device that uses GPS ...
Microsoft MSRC
Chromium: CVE-2026-10934 Use after free in Autofill
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-10984 Inappropriate implementation in Accessibility
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11145 Race in Geolocation
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11035 Insufficient validation of untrusted input in Custom Tabs
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-10929 Heap buffer overflow in ANGLE
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11034 Insufficient validation of untrusted input in Tab Group Sync
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11247 Insufficient policy enforcement in CustomTabs
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11082 Use after free in GPU
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11029 Insufficient validation of untrusted input in Drag and Drop
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11080 Use after free in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11188 Use after free in USB
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-10923 Use after free in WebAppInstalls
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11297 Insufficient validation of untrusted input in Reader Mode
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11295 Inappropriate implementation in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11077 Out of bounds read in Dawn
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11131 Use after free in Autofill
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-10967 Use after free in SurfaceCapture
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11291 Policy bypass in Android Autofill
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11072 Use after free in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11019 Inappropriate implementation in Payments
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11127 Inappropriate implementation in WebAPKs
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11290 Integer overflow in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11178 Policy bypass in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11287 Insufficient validation of untrusted input in Navigation
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11175 Incorrect security UI in Messages
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-10959 Use after free in Input
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11065 Use after free in ANGLE
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11172 Incorrect security UI in Contact Picker
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11012 Use after free in Serial
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11119 Insufficient validation of untrusted input in GPU
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11226 Insufficient policy enforcement in PreviewTab
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11064 Uninitialized Use in GPU
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11010 Use after free in WebShare
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11278 Inappropriate implementation in CustomTabs
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11167 Inappropriate implementation in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-10953 Use after free in Core
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11007 Insufficient validation of untrusted input in WebView
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11163 Use after free in Messages
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11108 Inappropriate implementation in NFC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft
Microsoft MSRC
Chromium: CVE-2026-11215 Inappropriate implementation in Cronet
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
vulnerabilitymicrosoft