Kategorie: Allgemein

[CVE-2026-26030](https://www.cve.org/CVERecord?id=CVE-2026-26030) is a Remote Code Execution vulnerability that has been identified in Microsoft Semantic Kernel Python SDK, specifically within the InMemoryVectorStore filter functionality. GitHub created this CVE on their behalf. GitHub created this CVE on their behalf. This document incorporates updates in the Microsoft Semantic Kernel Repository which address this vulnerability. Please see [CVE-2026-26030](https://www.cve.org/CVERecord?id=CVE-2026-26030) for…
Weiterlesen

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in an sql command (’sql injection‘) in SQL Server allows an authorized attacker to elevate privileges over a network.

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.

Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack.

Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.