CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
Published March 12, 2026
Acknowledgement Updated
Microsoft Security Response Center Blog Alerts
CVE-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Published March 12, 2026
Acknowledgement added. This is an informational change only.
CVE-2026-3784 wrong proxy connection reuse with credentials
Published March 12, 2026
Information published.
CVE-2026-1965 bad reuse of HTTP Negotiate connection
Published March 12, 2026
Information published.
CVE-2026-3783 token leak with redirect and netrc
Published March 12, 2026
Information published.
CVE-2025-69646 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis.
Published March 11, 2026
Information published.
CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath
Published March 11, 2026
Information published.
CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds
Published March 11, 2026
Information published.
CVE-2024-14027 xattr: switch to CLASS(fd)
Published March 11, 2026
Information published.
CVE-2026-27139 FileInfo can escape from a Root in os
Published March 11, 2026
Information published.
