CVE-2026-27571 nats-server websockets are vulnerable to pre-auth memory DoS
Published February 27, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern
Published February 26, 2026
Information published.
CVE-2026-21863 Malformed Valkey Cluster bus message can lead to Remote DoS
Published February 26, 2026
Information published.
CVE-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply
Published February 26, 2026
Information published.
CVE-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
Published February 26, 2026
Information published.
CVE-2025-61144 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
Published February 26, 2026
Information published.
CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
Published February 26, 2026
Information published.
CVE-2021-20233 A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Published February 26, 2026
Information published.
CVE-2021-20225 A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Published February 26, 2026
Information published.
CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction
Published February 26, 2026
Information published.
