CyberSecurity
on February 10, 2026 at 8:00 am — CVE-2026-21258 Microsoft Excel Information Disclosure Vulnerability
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
on February 10, 2026 at 8:00 am — CVE-2026-21519 Desktop Window Manager Elevation of Privilege Vulnerability
Access of resource using incompatible type (‘type confusion’) in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
on February 10, 2026 at 8:00 am — CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Improper neutralization of special elements used in a command (‘command injection’) in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.
on February 10, 2026 at 8:00 am — CVE-2026-21517 Windows App for Mac Installer Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Windows App for Mac allows an authorized attacker to elevate privileges locally.
on February 10, 2026 at 8:00 am — CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability
Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.
on February 10, 2026 at 8:00 am — CVE-2026-21259 Microsoft Excel Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.