216 matches found
Security Updates for Microsoft Word Products (May 2026)
The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-40364 - Use after free in...
PT-2026-40243
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description External control of a file name or path allows an unauthorized attacker to disclose sensitive information over a network. Recommendations At the moment, there is no...
CVE-2026-42826
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network...
EUVD-2026-28445
Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network...
EUVD-2026-28446
Improper neutralization of special elements in output used by a downstream component 'injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
EUVD-2026-28450
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network...
CVE-2026-42826
Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network...
CVE-2026-33823
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network...
CVE-2026-26129
Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network...
M365 Copilot Information Disclosure Vulnerability
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
PT-2026-38587
Name of the Vulnerable Software and Affected Versions Azure DevOps affected versions not specified Description Exposure of sensitive information in Azure DevOps allows an unauthorized actor to disclose information over a network. Recommendations At the moment, there is no information about a newe...
OPENSUSE-SU-2026:20586-1 Security update for roundcubemail
This update for roundcubemail fixes the following issues: Changes in roundcubemail: - update to 1.6.15 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to some regressions introduced in the previous release as well a recently reported security...
CVE-2026-32151
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...
EUVD-2026-22536
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...
CVE-2026-32151
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...
CVE-2026-32151
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...
PT-2026-32821
CVE-2026-32151 Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network. https://t.co/O48PBwBtPo...
CVE-2026-32173
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network...
Azure SRE Agent Information Disclosure Vulnerability
Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network...
Fedora 43 : roundcubemail (2026-2decd38070)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2decd38070 advisory. Version 1.6.14 Fix Postgres connection using IPv6 address 10104 Security: Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache...