Microsoft Loop
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Loop.
Recent Microsoft Loop Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-48959 | CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward | June 2, 2026 |
| CVE-2026-10028 | CVE-2026-10028 Glib-networking: infinite loop in glib-networking gnutls backend allows remote denial of service via circular certificate chain | June 2, 2026 |
| CVE-2026-46138 | CVE-2026-46138 Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt | May 29, 2026 |
| CVE-2026-46146 | CVE-2026-46146 ALSA: usb-audio: Avoid potential endless loop in convert_chmap_v3() | May 29, 2026 |
| CVE-2026-46090 | CVE-2026-46090 ALSA: aloop: Fix peer runtime UAF during format-change stop | May 28, 2026 |
| CVE-2026-39834 | CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh | May 27, 2026 |
| CVE-2026-5950 | CVE-2026-5950 Unbounded resend loop in BIND 9 resolver | May 23, 2026 |
| CVE-2026-47783 | CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass. | May 21, 2026 |
| CVE-2026-33814 | CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net | May 10, 2026 |
| CVE-2026-3298 | CVE-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes | April 30, 2026 |
By the Year
In 2026 there have been 1 vulnerability in Microsoft Loop with an average score of 7.1 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.10 |
It may take a day or so for new Loop vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Loop Security Vulnerabilities
Mar 2026: M365 Copilot Information Disclosure Vulnerability
CVE-2026-26133
7.1 - High
- March 13, 2026
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Loop or by Microsoft? Click the Watch button to subscribe.
