Vulnerability-Lookup

CVE-2026-52915 (GCVE-0-2026-52915)

Vulnerability from cvelistv5 – Published: 2026-06-24 07:14 – Updated: 2026-06-28 06:36

Title

netfilter: ip6t_hbh: reject oversized option lists

Summary

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_hbh: reject oversized option lists struct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors, but hbh_mt6_check() does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup path so only match data that fits the fixed-size opts array can be installed. This follows the existing xtables pattern of rejecting invalid user-provided counts in checkentry() and keeps the packet matching path unchanged. `struct ip6t_opts` has a fixed `opts[IP6T_OPTS_OPTSNR]` array, where `IP6T_OPTS_OPTSNR` is 16, then off-by-one array access is possible: [ 137.924693][ T8692] UBSAN: array-index-out-of-bounds in ../net/ipv6/netfilter/ip6t_hbh.c:110:29 [ 137.926167][ T8692] index 16 is out of range for type '__u16 [16]'

Severity

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/2d523ba48d4ecc46a…
https://git.kernel.org/stable/c/588933f1a2ca5ff99…
https://git.kernel.org/stable/c/784aadea7a108c9f9…
https://git.kernel.org/stable/c/41ec2e242f1702e83…
https://git.kernel.org/stable/c/db0250470f023f159…
https://git.kernel.org/stable/c/57b0ac5e1b46f1f03…
https://git.kernel.org/stable/c/6feb43c0995ab3a9c…
https://git.kernel.org/stable/c/4322dcde6b4173c2d…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 2d523ba48d4ecc46acfb6aba548292cfcce1ac02 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 588933f1a2ca5ff99274f8c9f25dc3a25d0191c3 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 784aadea7a108c9f90985683caa87fb0198c6a39 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 41ec2e242f1702e8370ddfe14d22b7a766021c3e (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < db0250470f023f159094052c0bd5ab026a88ae93 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 57b0ac5e1b46f1f0338dff392ef2092e2871b412 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 6feb43c0995ab3a9c826707eb46541a1696fe4f7 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 4322dcde6b4173c2d8e8e6118ed290794263bcc8 (git)
Linux	Linux	Affected: 2.6.12 Unaffected: 0 , < 2.6.12 (semver) Unaffected: 5.10.258 , ≤ 5.10.* (semver) Unaffected: 5.15.209 , ≤ 5.15.* (semver) Unaffected: 6.1.175 , ≤ 6.1.* (semver) Unaffected: 6.6.142 , ≤ 6.6.* (semver) Unaffected: 6.12.92 , ≤ 6.12.* (semver) Unaffected: 6.18.34 , ≤ 6.18.* (semver) Unaffected: 7.0.11 , ≤ 7.0.* (semver) Unaffected: 7.1 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/netfilter/ip6t_hbh.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2d523ba48d4ecc46acfb6aba548292cfcce1ac02",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "588933f1a2ca5ff99274f8c9f25dc3a25d0191c3",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "784aadea7a108c9f90985683caa87fb0198c6a39",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "41ec2e242f1702e8370ddfe14d22b7a766021c3e",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "db0250470f023f159094052c0bd5ab026a88ae93",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "57b0ac5e1b46f1f0338dff392ef2092e2871b412",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "6feb43c0995ab3a9c826707eb46541a1696fe4f7",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "4322dcde6b4173c2d8e8e6118ed290794263bcc8",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/netfilter/ip6t_hbh.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.12"
            },
            {
              "lessThan": "2.6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.258",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.175",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.142",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.92",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.258",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.209",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.175",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.142",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.92",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.34",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.11",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_hbh: reject oversized option lists\n\nstruct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors,\nbut hbh_mt6_check() does not reject larger optsnr values supplied from\nuserspace.\n\nValidate optsnr in the rule setup path so only match data that fits the\nfixed-size opts array can be installed. This follows the existing xtables\npattern of rejecting invalid user-provided counts in checkentry() and\nkeeps the packet matching path unchanged.\n\n`struct ip6t_opts` has a fixed `opts[IP6T_OPTS_OPTSNR]` array,\nwhere `IP6T_OPTS_OPTSNR` is 16, then off-by-one array access is possible:\n\n[  137.924693][ T8692] UBSAN: array-index-out-of-bounds in ../net/ipv6/netfilter/ip6t_hbh.c:110:29\n[  137.926167][ T8692] index 16 is out of range for type \u0027__u16 [16]\u0027"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-28T06:36:33.329Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2d523ba48d4ecc46acfb6aba548292cfcce1ac02"
        },
        {
          "url": "https://git.kernel.org/stable/c/588933f1a2ca5ff99274f8c9f25dc3a25d0191c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/784aadea7a108c9f90985683caa87fb0198c6a39"
        },
        {
          "url": "https://git.kernel.org/stable/c/41ec2e242f1702e8370ddfe14d22b7a766021c3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/db0250470f023f159094052c0bd5ab026a88ae93"
        },
        {
          "url": "https://git.kernel.org/stable/c/57b0ac5e1b46f1f0338dff392ef2092e2871b412"
        },
        {
          "url": "https://git.kernel.org/stable/c/6feb43c0995ab3a9c826707eb46541a1696fe4f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/4322dcde6b4173c2d8e8e6118ed290794263bcc8"
        }
      ],
      "title": "netfilter: ip6t_hbh: reject oversized option lists",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-52915",
    "datePublished": "2026-06-24T07:14:12.569Z",
    "dateReserved": "2026-06-09T07:44:35.367Z",
    "dateUpdated": "2026-06-28T06:36:33.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-52915",
      "date": "2026-06-29",
      "epss": "0.00126",
      "percentile": "0.0259"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-52915\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-24T08:16:21.340\",\"lastModified\":\"2026-06-28T08:16:23.190\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: ip6t_hbh: reject oversized option lists\\n\\nstruct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors,\\nbut hbh_mt6_check() does not reject larger optsnr values supplied from\\nuserspace.\\n\\nValidate optsnr in the rule setup path so only match data that fits the\\nfixed-size opts array can be installed. This follows the existing xtables\\npattern of rejecting invalid user-provided counts in checkentry() and\\nkeeps the packet matching path unchanged.\\n\\n`struct ip6t_opts` has a fixed `opts[IP6T_OPTS_OPTSNR]` array,\\nwhere `IP6T_OPTS_OPTSNR` is 16, then off-by-one array access is possible:\\n\\n[  137.924693][ T8692] UBSAN: array-index-out-of-bounds in ../net/ipv6/netfilter/ip6t_hbh.c:110:29\\n[  137.926167][ T8692] index 16 is out of range for type \u0027__u16 [16]\u0027\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"net/ipv6/netfilter/ip6t_hbh.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"2d523ba48d4ecc46acfb6aba548292cfcce1ac02\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"588933f1a2ca5ff99274f8c9f25dc3a25d0191c3\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"784aadea7a108c9f90985683caa87fb0198c6a39\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"41ec2e242f1702e8370ddfe14d22b7a766021c3e\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"db0250470f023f159094052c0bd5ab026a88ae93\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"57b0ac5e1b46f1f0338dff392ef2092e2871b412\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"6feb43c0995ab3a9c826707eb46541a1696fe4f7\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"4322dcde6b4173c2d8e8e6118ed290794263bcc8\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"net/ipv6/netfilter/ip6t_hbh.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"2.6.12\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"2.6.12\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.258\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.209\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.175\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.142\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.92\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.34\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.11\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2d523ba48d4ecc46acfb6aba548292cfcce1ac02\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/41ec2e242f1702e8370ddfe14d22b7a766021c3e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4322dcde6b4173c2d8e8e6118ed290794263bcc8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/57b0ac5e1b46f1f0338dff392ef2092e2871b412\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/588933f1a2ca5ff99274f8c9f25dc3a25d0191c3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6feb43c0995ab3a9c826707eb46541a1696fe4f7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/784aadea7a108c9f90985683caa87fb0198c6a39\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/db0250470f023f159094052c0bd5ab026a88ae93\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

CERTFR-2026-AVI-0812

Vulnerability from certfr_avis - Published: 2026-06-29 - Updated: 2026-06-29

De multiples vulnérabilités ont été découvertes dans Microsoft Azure Linux. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Azure Linux	azl3 libssh2 1.11.1-2 versions antérieures à 1.11.1-3
Microsoft	Azure Linux	azl3 libssh2 1.11.1-3 versions antérieures à 1.11.1-3
Microsoft	Azure Linux	azl3 nodejs 24.14.1-3 versions antérieures à 24.17.0-1
Microsoft	Azure Linux	azl3 kernel 6.6.141.1-1 versions antérieures à 6.6.143.1-1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-53215	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53209	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52912	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-9697	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53080	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53247	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53218	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53221	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53255	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52926	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52916	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52924	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53239	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53254	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-9675	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52930	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52941	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53236	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53176	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52942	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53268	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53266	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53160	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53148	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53270	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53217	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52934	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53253	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52943	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53227	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53182	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53230	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53186	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53184	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53161	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52923	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53237	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53213	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52947	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53245	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52922	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53159	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53150	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53275	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53133	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53264	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53267	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53265	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53196	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53219	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53149	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53242	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53146	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53252	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53194	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52919	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52931	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52921	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53181	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53154	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52913	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53135	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53183	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53249	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53228	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53147	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53143	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53158	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52915	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53238	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53263	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53207	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53225	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53214	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-55200	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53177	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53199	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52927	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53274	2026-06-27	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "azl3 libssh2 1.11.1-2 versions ant\u00e9rieures \u00e0 1.11.1-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 libssh2 1.11.1-3 versions ant\u00e9rieures \u00e0 1.11.1-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 nodejs 24.14.1-3 versions ant\u00e9rieures \u00e0 24.17.0-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 kernel 6.6.141.1-1 versions ant\u00e9rieures \u00e0 6.6.143.1-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-9697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-9697"
    },
    {
      "name": "CVE-2026-53230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53230"
    },
    {
      "name": "CVE-2026-52934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52934"
    },
    {
      "name": "CVE-2026-53214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53214"
    },
    {
      "name": "CVE-2026-53274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53274"
    },
    {
      "name": "CVE-2026-52947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52947"
    },
    {
      "name": "CVE-2026-53218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53218"
    },
    {
      "name": "CVE-2026-53143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53143"
    },
    {
      "name": "CVE-2026-53161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53161"
    },
    {
      "name": "CVE-2026-52924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52924"
    },
    {
      "name": "CVE-2026-53227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53227"
    },
    {
      "name": "CVE-2026-53239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53239"
    },
    {
      "name": "CVE-2026-53181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53181"
    },
    {
      "name": "CVE-2026-52943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52943"
    },
    {
      "name": "CVE-2026-52915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52915"
    },
    {
      "name": "CVE-2026-53146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53146"
    },
    {
      "name": "CVE-2026-52913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52913"
    },
    {
      "name": "CVE-2026-52941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52941"
    },
    {
      "name": "CVE-2026-53150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53150"
    },
    {
      "name": "CVE-2026-53147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53147"
    },
    {
      "name": "CVE-2026-52942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52942"
    },
    {
      "name": "CVE-2026-53183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53183"
    },
    {
      "name": "CVE-2026-52931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52931"
    },
    {
      "name": "CVE-2026-52919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52919"
    },
    {
      "name": "CVE-2026-53266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53266"
    },
    {
      "name": "CVE-2026-53149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53149"
    },
    {
      "name": "CVE-2026-53176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53176"
    },
    {
      "name": "CVE-2026-53158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53158"
    },
    {
      "name": "CVE-2026-53219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53219"
    },
    {
      "name": "CVE-2026-53249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53249"
    },
    {
      "name": "CVE-2026-53217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53217"
    },
    {
      "name": "CVE-2026-52916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52916"
    },
    {
      "name": "CVE-2026-53236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53236"
    },
    {
      "name": "CVE-2026-53225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53225"
    },
    {
      "name": "CVE-2026-52922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52922"
    },
    {
      "name": "CVE-2026-53209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53209"
    },
    {
      "name": "CVE-2026-53135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53135"
    },
    {
      "name": "CVE-2026-52927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52927"
    },
    {
      "name": "CVE-2026-53237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53237"
    },
    {
      "name": "CVE-2026-53186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53186"
    },
    {
      "name": "CVE-2026-53182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53182"
    },
    {
      "name": "CVE-2026-53177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53177"
    },
    {
      "name": "CVE-2026-53255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53255"
    },
    {
      "name": "CVE-2026-53207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53207"
    },
    {
      "name": "CVE-2026-53160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53160"
    },
    {
      "name": "CVE-2026-53245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53245"
    },
    {
      "name": "CVE-2026-53148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53148"
    },
    {
      "name": "CVE-2026-53133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53133"
    },
    {
      "name": "CVE-2026-53263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53263"
    },
    {
      "name": "CVE-2026-53228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53228"
    },
    {
      "name": "CVE-2026-53194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53194"
    },
    {
      "name": "CVE-2026-53242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53242"
    },
    {
      "name": "CVE-2026-53199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53199"
    },
    {
      "name": "CVE-2026-53247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53247"
    },
    {
      "name": "CVE-2026-53268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53268"
    },
    {
      "name": "CVE-2026-53159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53159"
    },
    {
      "name": "CVE-2026-9675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-9675"
    },
    {
      "name": "CVE-2026-53080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53080"
    },
    {
      "name": "CVE-2026-53267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53267"
    },
    {
      "name": "CVE-2026-52912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52912"
    },
    {
      "name": "CVE-2026-53221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53221"
    },
    {
      "name": "CVE-2026-53275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53275"
    },
    {
      "name": "CVE-2026-55200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-55200"
    },
    {
      "name": "CVE-2026-53215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53215"
    },
    {
      "name": "CVE-2026-53253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53253"
    },
    {
      "name": "CVE-2026-53252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53252"
    },
    {
      "name": "CVE-2026-53270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53270"
    },
    {
      "name": "CVE-2026-53264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53264"
    },
    {
      "name": "CVE-2026-53184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53184"
    },
    {
      "name": "CVE-2026-53254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53254"
    },
    {
      "name": "CVE-2026-53238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53238"
    },
    {
      "name": "CVE-2026-52921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52921"
    },
    {
      "name": "CVE-2026-53213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53213"
    },
    {
      "name": "CVE-2026-52930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52930"
    },
    {
      "name": "CVE-2026-53265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53265"
    },
    {
      "name": "CVE-2026-52923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52923"
    },
    {
      "name": "CVE-2026-53154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53154"
    },
    {
      "name": "CVE-2026-53196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53196"
    },
    {
      "name": "CVE-2026-52926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52926"
    }
  ],
  "initial_release_date": "2026-06-29T00:00:00",
  "last_revision_date": "2026-06-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0812",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-06-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Azure Linux. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Azure Linux",
  "vendor_advisories": [
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53215",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53215"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53209",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53209"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52912",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52912"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-9697",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9697"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53080",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53080"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53247",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53247"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53218",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53218"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53221",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53221"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53255",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53255"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52926",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52926"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52916",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52916"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52924",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52924"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53239",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53239"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53254",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53254"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-9675",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9675"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52930",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52930"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52941",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52941"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53236",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53236"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53176",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53176"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52942",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52942"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53268",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53268"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53266",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53266"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53160",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53160"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53148",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53148"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53270",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53270"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53217",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53217"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52934",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52934"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53253",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53253"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52943",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52943"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53227",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53227"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53182",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53182"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53230",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53230"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53186",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53186"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53184",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53184"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53161",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53161"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52923",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52923"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53237",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53237"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53213",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53213"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52947",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52947"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53245",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53245"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52922",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52922"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53159",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53159"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53150",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53150"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53275",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53275"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53133",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53133"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53264",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53264"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53267",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53267"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53265",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53265"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53196",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53196"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53219",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53219"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53149",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53149"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53242",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53242"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53146",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53146"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53252",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53252"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53194",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53194"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52919",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52919"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52931",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52931"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52921",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52921"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53181",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53181"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53154",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53154"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52913",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52913"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53135",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53135"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53183",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53183"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53249",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53249"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53228",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53228"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53147",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53147"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53143",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53143"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53158",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53158"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52915",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52915"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53238",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53238"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53263",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53263"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53207",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53207"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53225",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53225"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53214",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53214"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-55200",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55200"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53177",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53177"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53199",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53199"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52927",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52927"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53274",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53274"
    }
  ]
}

GHSA-9HFH-P7QH-475C

Vulnerability from github – Published: 2026-06-24 09:30 – Updated: 2026-06-28 09:31

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ip6t_hbh: reject oversized option lists

struct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors, but hbh_mt6_check() does not reject larger optsnr values supplied from userspace.

Validate optsnr in the rule setup path so only match data that fits the fixed-size opts array can be installed. This follows the existing xtables pattern of rejecting invalid user-provided counts in checkentry() and keeps the packet matching path unchanged.

struct ip6t_opts has a fixed opts[IP6T_OPTS_OPTSNR] array, where IP6T_OPTS_OPTSNR is 16, then off-by-one array access is possible:

[ 137.924693][ T8692] UBSAN: array-index-out-of-bounds in ../net/ipv6/netfilter/ip6t_hbh.c:110:29 [ 137.926167][ T8692] index 16 is out of range for type '__u16 [16]'

Severity

7.1 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-52915"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-24T08:16:21Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_hbh: reject oversized option lists\n\nstruct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors,\nbut hbh_mt6_check() does not reject larger optsnr values supplied from\nuserspace.\n\nValidate optsnr in the rule setup path so only match data that fits the\nfixed-size opts array can be installed. This follows the existing xtables\npattern of rejecting invalid user-provided counts in checkentry() and\nkeeps the packet matching path unchanged.\n\n`struct ip6t_opts` has a fixed `opts[IP6T_OPTS_OPTSNR]` array,\nwhere `IP6T_OPTS_OPTSNR` is 16, then off-by-one array access is possible:\n\n[  137.924693][ T8692] UBSAN: array-index-out-of-bounds in ../net/ipv6/netfilter/ip6t_hbh.c:110:29\n[  137.926167][ T8692] index 16 is out of range for type \u0027__u16 [16]\u0027",
  "id": "GHSA-9hfh-p7qh-475c",
  "modified": "2026-06-28T09:31:35Z",
  "published": "2026-06-24T09:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-52915"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2d523ba48d4ecc46acfb6aba548292cfcce1ac02"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/41ec2e242f1702e8370ddfe14d22b7a766021c3e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4322dcde6b4173c2d8e8e6118ed290794263bcc8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/57b0ac5e1b46f1f0338dff392ef2092e2871b412"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/588933f1a2ca5ff99274f8c9f25dc3a25d0191c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6feb43c0995ab3a9c826707eb46541a1696fe4f7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/784aadea7a108c9f90985683caa87fb0198c6a39"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/db0250470f023f159094052c0bd5ab026a88ae93"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

MSRC_CVE-2026-52915

Vulnerability from csaf_microsoft - Published: 2026-06-02 00:00 - Updated: 2026-06-28 01:48

Summary

netfilter: ip6t_hbh: reject oversized option lists

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2026-52915

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 21443-17084		—

Known affected 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 17084-1		—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-52915 netfilter: ip6t_hbh: reject oversized option lists - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-52915.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "netfilter: ip6t_hbh: reject oversized option lists",
    "tracking": {
      "current_release_date": "2026-06-28T01:48:36.000Z",
      "generator": {
        "date": "2026-06-28T07:10:57.239Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-52915",
      "initial_release_date": "2026-06-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-06-27T01:08:30.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2026-06-28T01:48:36.000Z",
          "legacy_version": "2",
          "number": "2",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 kernel 0:6.6.141.1-1.azl3",
                "product": {
                  "name": "\u003cazl3 kernel 0:6.6.141.1-1.azl3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 kernel 0:6.6.141.1-1.azl3",
                "product": {
                  "name": "azl3 kernel 0:6.6.141.1-1.azl3",
                  "product_id": "21443"
                }
              }
            ],
            "category": "product_name",
            "name": "kernel"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 kernel 0:6.6.141.1-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 kernel 0:6.6.141.1-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "21443-17084"
        },
        "product_reference": "21443",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-52915",
      "notes": [
        {
          "category": "general",
          "text": "Linux",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "21443-17084"
        ],
        "known_affected": [
          "17084-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-52915 netfilter: ip6t_hbh: reject oversized option lists - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-52915.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-27T01:08:30.000Z",
          "details": "0:6.6.143.1-1.azl3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "title": "netfilter: ip6t_hbh: reject oversized option lists"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-52915 (GCVE-0-2026-52915)

CERTFR-2026-AVI-0812

Solutions

GHSA-9HFH-P7QH-475C

MSRC_CVE-2026-52915

Tags

Sightings

Nomenclature