mscve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	MS:CVE-2026-2318	CVE-2026-2318_MS:CVE-2026-2318 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Feb 18, 2026	MSCVE
MEDIUM 6.5	MS:CVE-2026-2320	Chromium: CVE-2026-2320 Inappropriate implementation in File input_MS:CVE-2026-2320 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Feb 18, 2026	MSCVE
MEDIUM 4.3	MS:CVE-2026-2323	Chromium: CVE-2026-2323 Inappropriate implementation in Downloads_MS:CVE-2026-2323 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Feb 18, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-2441	Chromium: CVE-2026-2441 Use after free in CSS_MS:CVE-2026-2441 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Feb 18, 2026	MSCVE
HIGH 7.8	MS:CVE-2026-21246	Windows Graphics Component Elevation of Privilege Vulnerability_MS:CVE-2026-21246 Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.	N/A	N/A	Feb 10, 2026	MSCVE
HIGH 7.8	MS:CVE-2026-21232	Windows HTTP.sys Elevation of Privilege Vulnerability_MS:CVE-2026-21232 Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.	N/A	N/A	Feb 10, 2026	MSCVE
HIGH 7.5	MS:CVE-2026-21243	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability_MS:CVE-2026-21243 Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.	N/A	N/A	Feb 10, 2026	MSCVE
MEDIUM 6.5	MS:CVE-2026-21512	Azure DevOps Server Cross-Site Scripting Vulnerability_MS:CVE-2026-21512 Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.	N/A	N/A	Feb 10, 2026	MSCVE
HIGH 7	MS:CVE-2026-21242	Windows Subsystem for Linux Elevation of Privilege Vulnerability_MS:CVE-2026-21242 Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.	N/A	N/A	Feb 10, 2026	MSCVE
HIGH 7.3	MS:CVE-2026-21235	Windows Graphics Component Elevation of Privilege Vulnerability_MS:CVE-2026-21235 Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.	N/A	N/A	Feb 10, 2026	MSCVE