Windows update

1. CVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertion

   Information published.

2. CVE-2025-8224 GNU Binutils BFD Library elf.c bfd_elf_get_str_section null pointer dereference

   Information published.

3. CVE-2026-34757 LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure

   Information published.

4. CVE-2026-37555

   Information published.

5. CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

   Information published.

6. CVE-2026-31431 crypto: algif_aead - Revert to operating out-of-place

   Information published.

7. CVE-2026-6845 Binutils: binutils: denial of service via crafted elf file

   Information published.

8. CVE-2026-6846 Binutils: binutils: arbitrary code execution via malformed xcoff object file processing

   Information published.

9. CVE-2026-30656

   Information published.

10. CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service

    Information published.

11. CVE-2017-20230 Storable versions before 3.05 for Perl has a stack overflow

    Information published.

12. CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass

    Information published.

13. CVE-2025-11083 GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow

    Information published.

14. CVE-2026-7598 libssh2 userauth.c userauth_password integer overflow

    Information published.

15. CVE-2026-43058 media: vidtv: fix pass-by-value structs causing MSAN warnings

    Information published.

16. CVE-2026-41080

    Information published.

17. CVE-2026-31602 ALSA: ctxfi: Limit PTP to a single page

    Information published.

18. CVE-2026-31598 ocfs2: fix possible deadlock between unlink and dio_end_io_write

    Information published.

19. CVE-2026-31608 smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()

    Information published.

20. CVE-2026-28532 FRRouting 10.5.3 Integer Overflow in OSPF TLV Parser Functions

    Information published.

21. CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

    Information published.

22. CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup

    Information published.

23. CVE-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization

    Information published.

24. CVE-2026-41080

    Information published.

25. CVE-2026-31606 usb: gadget: f_hid: don't call cdev_init while cdev in use

    Information published.

26. CVE-2026-31605 fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO

    Information published.

27. CVE-2026-31599 media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections

    Information published.

28. CVE-2026-31602 ALSA: ctxfi: Limit PTP to a single page

    Information published.

29. CVE-2026-31610 ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc

    Information published.

30. CVE-2026-31598 ocfs2: fix possible deadlock between unlink and dio_end_io_write

    Information published.

31. CVE-2026-31603 staging: sm750fb: fix division by zero in ps_to_hz()

    Information published.

32. CVE-2026-31608 smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()

    Information published.

33. CVE-2026-31611 ksmbd: require 3 sub-authorities before reading sub_auth[2]

    Information published.

34. CVE-2026-31612 ksmbd: validate EaNameLength in smb2_get_ea()

    Information published.

35. CVE-2026-31597 ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY

    Information published.

36. CVE-2026-6357 pip self-update functionality can import newly installed modules after wheel installation

    Information published.

37. CVE-2026-41607 Apache Thrift: C++ JSON OOB read

    Information published.

38. CVE-2026-41636 Apache Thrift: Node.js skip() recursion

    Information published.

39. CVE-2026-31533 net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption

    Information published.

40. CVE-2026-41526

    Information published.

41. CVE-2026-40356

    Information published.

42. CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs

    Information published.

43. CVE-2026-31478 ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()

    Information published.

44. CVE-2026-31532 can: raw: fix ro->uniq use-after-free in raw_rcv()

    Information published.

45. CVE-2026-31596 ocfs2: handle invalid dinode in ocfs2_group_extend

    Information published.

46. CVE-2026-31609 smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()

    Information published.

47. CVE-2026-6238 Buffer overread in ns_printrrf with corrupted RDATA field

    Information published.

48. CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.

    Information published.

49. CVE-2026-41602 Apache Thrift: Go TFramedTransport uint32 overflow

    Information published.

50. CVE-2026-41604 Apache Thrift: Swift Range crash in skip()

    Information published.