65 matches found
May 12, 2026—KB5087537 (OS Build 14393.9140)
May 12, 2026—KB5087537 OS Build 14393.9140 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in...
March 21, 2026—KB5085516 (OS Builds 26200.8039 and 26100.8039) Out-of-band
March 21, 2026—KB5085516 OS Builds 26200.8039 and 26100.8039 Out-of-band This out-of-band update for Windows 11, version 25H2 and 24H2 KB5085516 is cumulative. It includes updates from previous security and non-security releases, along with an additional fix. To learn more about differences...
CVE-2026-21264
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Account allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-21264
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Account allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-21264
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Account allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-21264
CVE-2026-21264 concerns improper neutralization of input during web page generation (XSS) in Microsoft Account, enabling a network-based spoofing scenario. The vulnerability affects Microsoft Account web page rendering and can lead to spoofing without listed exploitation likelihood in the provide...
CVE-2026-21264 Microsoft Account Spoofing Vulnerability
...
CVE-2026-21264 Microsoft Account Spoofing Vulnerability
...
Microsoft Account Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Account allows an unauthorized attacker to perform spoofing over a network...
PT-2026-4306
Name of the Vulnerable Software and Affected Versions Microsoft Account affected versions not specified Description The issue involves improper neutralization of input during web page generation, specifically a 'cross-site scripting' condition within Microsoft Account. This allows an unauthorized...
Microsoft Account cross-site scripting vulnerability
The Microsoft Account is an account service provided by the American company Microsoft. The Microsoft Account has a cross-site scripting vulnerability, which stems from improper input during the web page generation process...
CVE-2025-64754
Jitsi Meet is an open source video conferencing application. A vulnerability present in versions prior to 2.0.10532 allows attackers to hijack the OAuth authentication window for Microsoft accounts. This is fixed in version 2.0.10532. No known workarounds are available...
PT-2025-46918
Name of the Vulnerable Software and Affected Versions Jitsi Meet versions prior to 2.0.10532 Description Jitsi Meet is a video conferencing application. A flaw exists that allows attackers to hijack the OAuth authentication window for Microsoft accounts. This issue does not have any known...
Jitsi Meet 输入验证错误漏洞
Jitsi Meet is a set of open source projects from Jitsi Open Source. Enabling users to use and deploy a video conferencing platform with state-of-the-art video quality and features. An input validation error vulnerability exists in versions prior to Jitsi Meet 2.0.10532 that stems from a possible...
EUVD-2019-9743
Malware in sbrugna...
EUVD-2025-2457
Malicious code in bioql PyPI...
EUVD-2023-50476
Malicious code in bioql PyPI...
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft on Monday announced that it has moved the Microsoft Account MSA signing service to Azure confidential virtual machines VMs and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed...
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below - CVE-2025-21396 CVSS score: 7.5 - Microsoft Accou...
CVE-2025-21396
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network...