CVE-2026-32287 Infinite loop in github.com/antchfx/xpath
Published April 2, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-29785 NATS Server panic via malicious compression on leafnode port
Published April 2, 2026
Information published.
CVE-2026-33216 NATS has MQTT plaintext password disclosure
Published April 2, 2026
Information published.
CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`
Published April 2, 2026
Information published.
CVE-2026-2436 Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake
Published April 2, 2026
Information published.
CVE-2026-4732 Out-of-bounds Read Overflow in tildearrow/furnace
Published April 2, 2026
Information published.
CVE-2026-4897 Polkit: polkit: denial of service via unbounded input processing through standard input
Published April 2, 2026
Information published.
CVE-2026-34043 Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects
Published April 2, 2026
Information published.
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys
Published April 2, 2026
Information published.
CVE-2026-5107 FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control
Published April 2, 2026
Information published.
