CVE-2026-5507 Session Cache Restore — Arbitrary Free via Deserialized Pointer
Published April 30, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2019-1551 rsaz_512_sqr overflow bug on x86_64
Published April 30, 2026
Information published.
CVE-2026-5504 PKCS7 CBC Padding Oracle — Plaintext Recovery
Published April 30, 2026
Information published.
CVE-2026-33825 Microsoft Defender Elevation of Privilege Vulnerability
Published April 30, 2026
Added FAQ information. This is an informational change only.
CVE-2026-5393 OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS
Published April 30, 2026
Information published.
CVE-2026-24051 OpenTelemetry-Go Affected by Arbitrary Code Execution via PATH Hijacking
Published April 30, 2026
Information published.
CVE-2026-31420 bridge: mrp: reject zero test interval to avoid OOM panic
Published April 30, 2026
Information published.
CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
Published April 30, 2026
Information published.
CVE-2026-34477 Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass
Published April 30, 2026
Information published.
CVE-2026-41898 rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer
Published April 30, 2026
Information published.
