cvelistv5 - cve-2026-23397

CVE-2026-23397 (GCVE-0-2026-23397)

Vulnerability from cvelistv5

Published

2026-03-26 10:22

Modified

2026-04-18 08:58

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_callback() validates opt_num bounds and string NUL-termination but does not check individual option length fields. A zero-length option causes nf_osf_match_one() to enter the option matching loop even when foptsize sums to zero, which matches packets with no TCP options where ctx->optp is NULL: Oops: general protection fault KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98) Call Trace: nf_osf_match (net/netfilter/nfnetlink_osf.c:227) xt_osf_match_packet (net/netfilter/xt_osf.c:32) ipt_do_table (net/ipv4/netfilter/ip_tables.c:293) nf_hook_slow (net/netfilter/core.c:623) ip_local_deliver (net/ipv4/ip_input.c:262) ip_rcv (net/ipv4/ip_input.c:573) Additionally, an MSS option (kind=2) with length < 4 causes out-of-bounds reads when nf_osf_match_one() unconditionally accesses optp[2] and optp[3] for MSS value extraction. While RFC 9293 section 3.2 specifies that the MSS option is always exactly 4 bytes (Kind=2, Length=4), the check uses "< 4" rather than "!= 4" because lengths greater than 4 do not cause memory safety issues -- the buffer is guaranteed to be at least foptsize bytes by the ctx->optsize == foptsize check. Reject fingerprints where any option has zero length, or where an MSS option has length less than 4, at add time rather than trusting these values in the packet matching hot path.

References

URL

Tags

	https://git.kernel.org/stable/c/e9cf17b91e733fec725ebcc0b3098bc5ccd505e0
	https://git.kernel.org/stable/c/3c11b5c2436a3a5b450612ab160e3a525b28cfb5
	https://git.kernel.org/stable/c/aa0574182c46963c3cdb8cde46ec93aca21100d8
	https://git.kernel.org/stable/c/224f4678812e1a7bc8341bcb666773a0aec5ea6f
	https://git.kernel.org/stable/c/ec8bf0571b142f29dc0b68ae2ac3952f7a464b38
	https://git.kernel.org/stable/c/3932620c04c2938c93c0890c225960d3d34ba355
	https://git.kernel.org/stable/c/4c6aa008b913e808c4f4d3cde36cb1d9bb5967c6
	https://git.kernel.org/stable/c/dbdfaae9609629a9569362e3b8f33d0a20fd783c

Impacted products

Vendor

Product

Version

Linux

Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384
Version: 11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384

Linux

Version: 2.6.31

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nfnetlink_osf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e9cf17b91e733fec725ebcc0b3098bc5ccd505e0",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "3c11b5c2436a3a5b450612ab160e3a525b28cfb5",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "aa0574182c46963c3cdb8cde46ec93aca21100d8",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "224f4678812e1a7bc8341bcb666773a0aec5ea6f",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "ec8bf0571b142f29dc0b68ae2ac3952f7a464b38",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "3932620c04c2938c93c0890c225960d3d34ba355",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "4c6aa008b913e808c4f4d3cde36cb1d9bb5967c6",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            },
            {
              "lessThan": "dbdfaae9609629a9569362e3b8f33d0a20fd783c",
              "status": "affected",
              "version": "11eeef41d5f63c7d2f7fdfcc733eb7fb137cc384",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nfnetlink_osf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.31"
            },
            {
              "lessThan": "2.6.31",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.253",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.203",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.167",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.130",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.78",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.20",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.253",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.203",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.167",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.130",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.78",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.20",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.10",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "2.6.31",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfnetlink_osf: validate individual option lengths in fingerprints\n\nnfnl_osf_add_callback() validates opt_num bounds and string\nNUL-termination but does not check individual option length fields.\nA zero-length option causes nf_osf_match_one() to enter the option\nmatching loop even when foptsize sums to zero, which matches packets\nwith no TCP options where ctx-\u003eoptp is NULL:\n\n Oops: general protection fault\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n  nf_osf_match (net/netfilter/nfnetlink_osf.c:227)\n  xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n  ipt_do_table (net/ipv4/netfilter/ip_tables.c:293)\n  nf_hook_slow (net/netfilter/core.c:623)\n  ip_local_deliver (net/ipv4/ip_input.c:262)\n  ip_rcv (net/ipv4/ip_input.c:573)\n\nAdditionally, an MSS option (kind=2) with length \u003c 4 causes\nout-of-bounds reads when nf_osf_match_one() unconditionally accesses\noptp[2] and optp[3] for MSS value extraction.  While RFC 9293\nsection 3.2 specifies that the MSS option is always exactly 4\nbytes (Kind=2, Length=4), the check uses \"\u003c 4\" rather than\n\"!= 4\" because lengths greater than 4 do not cause memory\nsafety issues -- the buffer is guaranteed to be at least\nfoptsize bytes by the ctx-\u003eoptsize == foptsize check.\n\nReject fingerprints where any option has zero length, or where an MSS\noption has length less than 4, at add time rather than trusting these\nvalues in the packet matching hot path."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-18T08:58:32.483Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e9cf17b91e733fec725ebcc0b3098bc5ccd505e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/3c11b5c2436a3a5b450612ab160e3a525b28cfb5"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa0574182c46963c3cdb8cde46ec93aca21100d8"
        },
        {
          "url": "https://git.kernel.org/stable/c/224f4678812e1a7bc8341bcb666773a0aec5ea6f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ec8bf0571b142f29dc0b68ae2ac3952f7a464b38"
        },
        {
          "url": "https://git.kernel.org/stable/c/3932620c04c2938c93c0890c225960d3d34ba355"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c6aa008b913e808c4f4d3cde36cb1d9bb5967c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/dbdfaae9609629a9569362e3b8f33d0a20fd783c"
        }
      ],
      "title": "nfnetlink_osf: validate individual option lengths in fingerprints",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-23397",
    "datePublished": "2026-03-26T10:22:49.954Z",
    "dateReserved": "2026-01-13T15:37:46.011Z",
    "dateUpdated": "2026-04-18T08:58:32.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CERTFR-2026-AVI-0376

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	CBL Mariner	cbl2 telegraf 1.29.4-21 versions antérieures à 1.29.4-22
Microsoft	Azure Linux	azl3 glibc 2.38-18 versions antérieures à 2.38-19
Microsoft	Azure Linux	azl3 squid 6.13-3 versions antérieures à 6.13-4
Microsoft	Azure Linux	azl3 python-pyasn1 0.4.8-1 versions antérieures à 0.4.8-2
Microsoft	Azure Linux	azl3 nginx 1.28.2-1 versions antérieures à 1.28.3-1
Microsoft	CBL Mariner	cbl2 ncurses 6.4-3 versions antérieures à 6.4-4
Microsoft	Azure Linux	azl3 kernel 6.6.126.1-1 versions antérieures à 6.6.130.1-1
Microsoft	Azure Linux	azl3 ncurses 6.4-2 versions antérieures à 6.4-3
Microsoft	CBL Mariner	cbl2 terraform 1.3.2-29 versions antérieures à 1.3.2-30
Microsoft	Azure Linux	azl3 libsoup 3.4.4-12 versions antérieures à 3.4.4-14
Microsoft	Azure Linux	azl3 etcd 3.5.21-1 versions antérieures à 3.5.28-1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-32748	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4438	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23347	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23268	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23392	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23319	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23253	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23296	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23364	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23368	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27654	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-30922	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23286	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23396	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23340	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23324	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33515	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23318	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23379	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23317	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27784	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23359	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23245	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23269	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23298	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23304	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23370	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23100	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23271	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23352	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33343	2026-03-28	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4437	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23343	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33413	2026-03-28	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23246	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23279	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23244	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23367	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23307	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23398	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2025-69720	2026-03-25	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-28755	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23300	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23381	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23356	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23351	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23277	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23315	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4645	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33526	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23382	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23310	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23306	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23336	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-2369	2026-03-25	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23391	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23290	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23312	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23388	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23390	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23303	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23289	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23293	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27651	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23291	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-28753	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23334	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-32647	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23397	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23281	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23365	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23285	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23292	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23284	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23395	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23274	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23357	2026-03-26	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "cbl2 telegraf 1.29.4-21 versions ant\u00e9rieures \u00e0 1.29.4-22",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 glibc 2.38-18 versions ant\u00e9rieures \u00e0 2.38-19",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 squid 6.13-3 versions ant\u00e9rieures \u00e0 6.13-4",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 python-pyasn1 0.4.8-1 versions ant\u00e9rieures \u00e0 0.4.8-2",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 nginx 1.28.2-1 versions ant\u00e9rieures \u00e0 1.28.3-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 ncurses 6.4-3 versions ant\u00e9rieures \u00e0 6.4-4",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 kernel 6.6.126.1-1 versions ant\u00e9rieures \u00e0 6.6.130.1-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 ncurses 6.4-2 versions ant\u00e9rieures \u00e0 6.4-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 terraform 1.3.2-29 versions ant\u00e9rieures \u00e0 1.3.2-30",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 libsoup 3.4.4-12 versions ant\u00e9rieures \u00e0 3.4.4-14",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 etcd 3.5.21-1 versions ant\u00e9rieures \u00e0 3.5.28-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-23318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23318"
    },
    {
      "name": "CVE-2026-23368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23368"
    },
    {
      "name": "CVE-2026-23281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23281"
    },
    {
      "name": "CVE-2026-32647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
    },
    {
      "name": "CVE-2026-23269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23269"
    },
    {
      "name": "CVE-2026-23293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23293"
    },
    {
      "name": "CVE-2026-23290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23290"
    },
    {
      "name": "CVE-2026-27651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
    },
    {
      "name": "CVE-2026-23303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
    },
    {
      "name": "CVE-2026-27654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
    },
    {
      "name": "CVE-2026-23340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23340"
    },
    {
      "name": "CVE-2026-23253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23253"
    },
    {
      "name": "CVE-2026-33343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33343"
    },
    {
      "name": "CVE-2026-23271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23271"
    },
    {
      "name": "CVE-2026-23268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23268"
    },
    {
      "name": "CVE-2026-23285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23285"
    },
    {
      "name": "CVE-2026-23304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23304"
    },
    {
      "name": "CVE-2026-23357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23357"
    },
    {
      "name": "CVE-2026-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4645"
    },
    {
      "name": "CVE-2026-23324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23324"
    },
    {
      "name": "CVE-2026-23347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23347"
    },
    {
      "name": "CVE-2026-28755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28755"
    },
    {
      "name": "CVE-2026-23317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23317"
    },
    {
      "name": "CVE-2026-23334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23334"
    },
    {
      "name": "CVE-2026-23391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23391"
    },
    {
      "name": "CVE-2026-23319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23319"
    },
    {
      "name": "CVE-2026-23279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23279"
    },
    {
      "name": "CVE-2026-23244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23244"
    },
    {
      "name": "CVE-2026-23246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23246"
    },
    {
      "name": "CVE-2026-30922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
    },
    {
      "name": "CVE-2026-23286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23286"
    },
    {
      "name": "CVE-2026-23359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
    },
    {
      "name": "CVE-2026-23298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23298"
    },
    {
      "name": "CVE-2026-23296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23296"
    },
    {
      "name": "CVE-2026-23396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23396"
    },
    {
      "name": "CVE-2026-23370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23370"
    },
    {
      "name": "CVE-2026-23315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23315"
    },
    {
      "name": "CVE-2026-23352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23352"
    },
    {
      "name": "CVE-2026-23367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23367"
    },
    {
      "name": "CVE-2026-32748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32748"
    },
    {
      "name": "CVE-2026-23300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23300"
    },
    {
      "name": "CVE-2026-23379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23379"
    },
    {
      "name": "CVE-2026-23381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23381"
    },
    {
      "name": "CVE-2026-23392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23392"
    },
    {
      "name": "CVE-2026-23245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23245"
    },
    {
      "name": "CVE-2026-4438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4438"
    },
    {
      "name": "CVE-2026-23364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23364"
    },
    {
      "name": "CVE-2026-23274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23274"
    },
    {
      "name": "CVE-2026-23284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23284"
    },
    {
      "name": "CVE-2026-23397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23397"
    },
    {
      "name": "CVE-2026-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23343"
    },
    {
      "name": "CVE-2026-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23336"
    },
    {
      "name": "CVE-2025-69720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69720"
    },
    {
      "name": "CVE-2026-23289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23289"
    },
    {
      "name": "CVE-2026-23292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23292"
    },
    {
      "name": "CVE-2026-23277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23277"
    },
    {
      "name": "CVE-2026-4437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4437"
    },
    {
      "name": "CVE-2026-27784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
    },
    {
      "name": "CVE-2026-23388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23388"
    },
    {
      "name": "CVE-2026-28753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28753"
    },
    {
      "name": "CVE-2026-33526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33526"
    },
    {
      "name": "CVE-2026-23310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23310"
    },
    {
      "name": "CVE-2026-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2369"
    },
    {
      "name": "CVE-2026-33515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33515"
    },
    {
      "name": "CVE-2026-23395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23395"
    },
    {
      "name": "CVE-2026-23100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23100"
    },
    {
      "name": "CVE-2026-23306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23306"
    },
    {
      "name": "CVE-2026-33413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33413"
    },
    {
      "name": "CVE-2026-23291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23291"
    },
    {
      "name": "CVE-2026-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23382"
    },
    {
      "name": "CVE-2026-23312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23312"
    },
    {
      "name": "CVE-2026-23365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23365"
    },
    {
      "name": "CVE-2026-23356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23356"
    },
    {
      "name": "CVE-2026-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23307"
    },
    {
      "name": "CVE-2026-23398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23398"
    },
    {
      "name": "CVE-2026-23351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23351"
    },
    {
      "name": "CVE-2026-23390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23390"
    }
  ],
  "initial_release_date": "2026-03-30T00:00:00",
  "last_revision_date": "2026-03-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0376",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32748",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4438",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23347",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23268",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23392",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23319",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23253",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23296",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23364",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23368",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27654",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-30922",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23286",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23396",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23396"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23340",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23340"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23324",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23324"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33515",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33515"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23318",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23318"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23379",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23379"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23317",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23317"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27784",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27784"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23359",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23359"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23245",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23245"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23269",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23269"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23298",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23298"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23304",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23304"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23370",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23370"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23100",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23100"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23271",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23271"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23352",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23352"
    },
    {
      "published_at": "2026-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33343",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33343"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4437",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4437"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23343",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23343"
    },
    {
      "published_at": "2026-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33413",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33413"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23246",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23246"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23279",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23279"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23244",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23244"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23367",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23367"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23307",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23307"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23398",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23398"
    },
    {
      "published_at": "2026-03-25",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-69720",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69720"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28755",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28755"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23300",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23300"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23381",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23381"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23356",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23356"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23351",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23351"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23277",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23277"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23315",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23315"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4645",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4645"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33526",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33526"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23382",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23382"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23310",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23310"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23306",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23306"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23336",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23336"
    },
    {
      "published_at": "2026-03-25",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-2369",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-2369"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23391",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23391"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23290",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23290"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23312",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23312"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23388",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23388"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23390",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23390"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23303",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23303"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23289",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23289"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23293",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23293"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27651",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27651"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23291",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23291"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28753",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28753"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23334",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23334"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32647",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32647"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23397",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23397"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23281",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23281"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23365",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23365"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23285",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23285"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23292",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23292"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23284",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23284"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23395",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23395"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23274",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23274"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23357",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23357"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2026-23397 (GCVE-0-2026-23397)

Vulnerability from cvelistv5

CERTFR-2026-AVI-0376

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature