Microsoft Security Response Center Blog Alerts - Network Services Group

CVE-2026-35199 SymCrypt SymCryptXmssSign function – Heap overflow via 64->32-bit leaf-count truncation

Published April 17, 2026

Information published.

CVE-2026-41035

Published April 17, 2026

Information published.

CVE-2026-35469 SpdyStream: DOS on CRI

Published April 17, 2026

Information published.

CVE-2026-40164 jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed

Published April 17, 2026

Information published.

CVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers

Published April 17, 2026

Information published.

CVE-2026-33948 jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

Published April 17, 2026

Information published.

CVE-2026-33947 jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted()

Published April 17, 2026

Information published.

CVE-2026-32316 jq: Integer overflow in jvp_string_append() allows Heap-based Buffer Overflow

Published April 17, 2026

Information published.

CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

Published April 17, 2026

Acknowledgement added. This is an informational change only.

CVE-2025-64669 Windows Admin Center Elevation of Privilege Vulnerability

Published April 17, 2026

Acknowledgement added. This is an informational change only.

Privacy | General Terms & Conditions | Speed Test | Image Share | ASN

We use cookies to improve your experience. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Use.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.