Microsoft Loop
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Loop.
Recent Microsoft Loop Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-53138 | CVE-2026-53138 drm/amd/display: Bound VBIOS record-chain walk loops | June 28, 2026 |
| CVE-2026-44186 | CVE-2026-44186 Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp | June 11, 2026 |
| CVE-2026-46314 | CVE-2026-46314 drm/v3d: Reject empty multisync extension to prevent infinite loop | June 10, 2026 |
| CVE-2026-48959 | CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward | June 2, 2026 |
| CVE-2026-10028 | CVE-2026-10028 Glib-networking: infinite loop in glib-networking gnutls backend allows remote denial of service via circular certificate chain | June 2, 2026 |
| CVE-2026-46138 | CVE-2026-46138 Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt | May 29, 2026 |
| CVE-2026-46146 | CVE-2026-46146 ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() | May 29, 2026 |
| CVE-2026-46090 | CVE-2026-46090 ALSA: aloop: Fix peer runtime UAF during format-change stop | May 28, 2026 |
| CVE-2026-39834 | CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh | May 27, 2026 |
| CVE-2026-5950 | CVE-2026-5950 Unbounded resend loop in BIND 9 resolver | May 23, 2026 |
By the Year
In 2026 there have been 2 vulnerabilities in Microsoft Loop with an average score of 5.8 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 5.75 |
It may take a day or so for new Loop vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Loop Security Vulnerabilities
May 2026: Microsoft 365 Copilot for Android Spoofing Vulnerability
CVE-2026-41100
4.4 - Medium
- May 12, 2026
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
Authorization
Mar 2026: M365 Copilot Information Disclosure Vulnerability
CVE-2026-26133
7.1 - High
- March 13, 2026
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Loop or by Microsoft? Click the Watch button to subscribe.
