Microsoft Loop
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Loop.
Recent Microsoft Loop Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-27171 | CVE-2026-27171 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. | March 14, 2026 |
| CVE-2026-26018 | CVE-2026-26018 CoreDNS Loop Detection Denial of Service Vulnerability | March 11, 2026 |
| CVE-2026-23220 | CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths | February 28, 2026 |
| CVE-2026-2739 | CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely. | February 25, 2026 |
| CVE-2025-68753 | CVE-2025-68753 ALSA: firewire-motu: add bounds check in put_user loop for DSP events | January 8, 2026 |
| CVE-2025-68308 | CVE-2025-68308 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers | January 7, 2026 |
| CVE-2024-32650 | CVE-2024-32650 Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input | January 1, 2026 |
| CVE-2025-38692 | CVE-2025-38692 exfat: add cluster chain loop check for dir | January 1, 2026 |
| CVE-2024-50024 | CVE-2024-50024 net: Fix an unsafe loop on the list | January 1, 2026 |
| CVE-2023-3255 | CVE-2023-3255 Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service | January 1, 2026 |
By the Year
In 2026 there have been 1 vulnerability in Microsoft Loop with an average score of 7.1 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.10 |
It may take a day or so for new Loop vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Loop Security Vulnerabilities
Mar 2026: M365 Copilot Information Disclosure Vulnerability
CVE-2026-26133
7.1 - High
- March 13, 2026
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Loop or by Microsoft? Click the Watch button to subscribe.
