April 14, 2026—KB5082052 (OS Build 22631.6936)

April 14, 2026—KB5082052 OS Build 22631.6936 ​​​​​This cumulative update for Windows 11, version 23H2 KB5082052, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security update...

KB5082806: Cumulative security update for Internet Explorer: April 14, 2026

KB5082806: Cumulative security update for Internet Explorer: April 14, 2026 Important Certain versions of Microsoft Internet Explorer have reached the end of support. Note that some versions of Internet Explorer may be supported past the latest OS end date when Extended Security Updates ESUs are...

April 14, 2026—KB5082200 (OS Builds 19045.7184 and 19044.7184)

April 14, 2026—KB5082200 OS Builds 19045.7184 and 19044.7184 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business...

April 14, 2026—KB5082126 (Monthly Rollup)

April 14, 2026—KB5082126 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only...

April 14, 2026—KB5082123 (OS Build 17763.8644)

April 14, 2026—KB5082123 OS Build 17763.8644 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...

PT-2026-32716

Name of the Vulnerable Software and Affected Versions Windows Boot Loader affected versions not specified Description Reliance on untrusted inputs in a security decision allows an authorized attacker to bypass a security feature locally. Recommendations At the moment, there is no information abou...

Microsoft Windows Secure Boot 安全漏洞

Microsoft Windows Secure Boot is a security boot feature provided by Microsoft Corporation. There are security vulnerabilities associated with Microsoft Windows Secure Boot. The following products and versions are affected: Windows 11 Version 26H1 for ARM64-based Systems, Windows 11 Version 26H1...

PT-2026-32752

Name of the Vulnerable Software and Affected Versions Windows Boot Manager affected versions not specified Description Use of an uninitialized resource allows an unauthorized attacker to bypass a security feature through a physical attack. Recommendations At the moment, there is no information...

Incorrect use of LocateProtocol Service of the EFI_BOOT_Services table in SMI Handler

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54502| Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to achieve privilege escalation...

Microsoft Windows 安全漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a security vulnerability present in the Microsoft Windows Boot Loader. Attackers can exploit this vulnerability to bypass certain functions. The following products and versions are...

Microsoft Windows Boot Manager 安全漏洞

Microsoft Windows Boot Manager is a UEFI application provided by Microsoft Corporation, used to configure the boot environment. There are security vulnerabilities in Microsoft Windows Boot Manager. Attackers can exploit these vulnerabilities to bypass certain functions. The following products and...

KLA90980 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code, cause denial of service, read local...

PT-2026-33497

New from Eclypsium: CVE-2026-25250. A Microsoft-signed third-party bootloader that completely skips signature verification when loading drivers. Secure Boot bypass on most Windows systems. Discovered by Mickey Shkatov and Stas Lyakhov. Patch now. https://t.co/ofZmE2CVeN https://t.co/FhYKdMNdxJ...

This Week in Spring - April 14th, 2026

Hi, Spring fans! ¡Hola from Barcelona, Spain! I'm at the amazing Spring I/O event, hanging out with some of the amazing Spring ecosystem developers! Life is amazing here in the warm sun of springtime. There's a lot to look at this week, so let's dive right into it! Another nice tutorial on how to...

cn.angis.warm-flow-beetlsql:warm-flow-beetlsql-sb-starter (>=1.6.9.1 <=1.8.4.0), cn.angis.warm-flow-beetlsql:warm-flow-beetlsql-sb-test (>=1.6.9.1 <=1.7.2.3) +34 more potentially affected by CVE-2026-6125 via org.dromara.warm:warm-flow-plugin-modes-sb (>=1.3.4 <=1.8.5-m3)

org.dromara.warm:warm-flow-plugin-modes-sb MAVEN version =1.3.4, =1.6.9.1, =1.6.9.1, =1.6.8.1, =4.0.0, =2025.13.0, =2025.3.2, =1.6.6, =1.6.6, =1.8.4 - org.dromara.warm-flow-mybatis-flex:warm-flow-mybatis-flex-solon-test =1.6.6 and more Source cves: CVE-2026-6125 Sourc...

Vulnerabilities fixed in Microsoft Windows

Microsoft fixed vulnerabilities in Windows A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Accessing sensitive data - Execution of arbitrary code user privileges - Executio...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 — Log4Shell PoC Lab DISCLAIMER Este...

Exploit for Code Injection in Pivotal_Software Spring_Data_Commons

SpringBoot-Toolkit An interactive penetration-testing tool de...

CVE-2026-20446

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09963054; Issue ID:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006676 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the...