CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
Published April 30, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-34477 Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass
Published April 30, 2026
Information published.
CVE-2026-41898 rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer
Published April 30, 2026
Information published.
CVE-2026-31584 media: mediatek: vcodec: fix use-after-free in encoder release path
Published April 30, 2026
Information published.
CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document
Published April 30, 2026
Information published.
CVE-2026-2708 Libsoup: libsoup: http request smuggling via duplicate content-length headers
Published April 30, 2026
Information published.
CVE-2019-1547 ECDSA remote timing attack
Published April 30, 2026
Information published.
CVE-2026-5778 Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path.
Published April 30, 2026
Information published.
CVE-2026-5188 Integer underflow in X.509 SAN parsing in wolfSSL
Published April 30, 2026
Information published.
CVE-2019-1543 ChaCha20-Poly1305 with long nonces
Published April 30, 2026
Information published.
