May 12, 2026—KB5087541 (OS Build 25398.2330)

May 12, 2026—KB5087541 OS Build 25398.2330 This cumulative update for Windows Server, version 23H2 KB5087541, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

May 12, 2026—KB5087537 (OS Build 14393.9140)

May 12, 2026—KB5087537 OS Build 14393.9140 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...

May 12, 2026—KB5087471 (Monthly Rollup)

May 12, 2026—KB5087471 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only a...

May 12, 2026—KB5087420 (OS Build 22631.7079)

May 12, 2026—KB5087420 OS Build 22631.7079 ​​​​​This cumulative update for Windows 11, version 23H2 KB5087420, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

March 10, 2026—Hotpatch KB5078737 (OS Build 20348.4830)

None None...

May 12, 2026—Hotpatch KB5087424 (OS Build 20348.5074)

None None...

May 12, 2026—KB5087545 (OS Build 20348.5139)

May 12, 2026—KB5087545 OS Build 20348.5139 This cumulative update for Windows Server 2022 KB5087545, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates, optional...

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +288 more potentially affected by CVE-2026-41713 via org.springframework.ai:spring-ai-client-chat (>=1.1.0-M1 <=1.1.5)

org.springframework.ai:spring-ai-client-chat MAVEN version =1.1.0-M1, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.6.0, =1.1.0, =1.1.0, =1.1.0, =1.1.4 and more Source cves: CVE-2026-41713 Source advisory: OSV:GHSA-5852-PHMH-8FHR...

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Demo Khai thác Lỗ hổng Log4Shell CVE-2021-44228 Dự án này m...

EUVD-2026-29347

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

EUVD-2026-29325

barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...

EUVD-2026-29323

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the ehentries field against buffer capacity in fs/ext4/ext4common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigg...

Microsoft Windows Secure Boot 安全漏洞

Microsoft Windows Secure Boot is a security boot feature provided by Microsoft Corporation. There are security vulnerabilities associated with Microsoft Windows Secure Boot. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected:...

KB5088064: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: May 12, 2026

KB5088064: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: May 12, 2026 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates o...

PT-2026-40238

Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

CVE-2026-34963

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

CVE-2026-34962

barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...

CVE-2026-34961

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the ehentries field against buffer capacity in fs/ext4/ext4common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigg...

CVE-2026-34963

Barebox EFI PE loader (efi/loader/pe.c) contains multiple memory-safety vulnerabilities in versions prior to 2026.04.0: (1) 32-bit arithmetic overflow in virtual image size calculation on section VirtualAddress/size can cause undersized heap allocations, and (2) PE section loading does not valida...

CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...