CVE-2025-14821 Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows
Published April 17, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-39956 jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure
Published April 17, 2026
Information published.
CVE-2026-35199 SymCrypt SymCryptXmssSign function – Heap overflow via 64->32-bit leaf-count truncation
Published April 17, 2026
Information published.
CVE-2026-41035
Published April 17, 2026
Information published.
CVE-2026-35469 SpdyStream: DOS on CRI
Published April 17, 2026
Information published.
CVE-2026-40164 jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed
Published April 17, 2026
Information published.
CVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers
Published April 17, 2026
Information published.
CVE-2026-33948 jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input
Published April 17, 2026
Information published.
CVE-2026-33947 jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted()
Published April 17, 2026
Information published.
CVE-2026-32316 jq: Integer overflow in jvp_string_append() allows Heap-based Buffer Overflow
Published April 17, 2026
Information published.
