Security Vulnerabilities
Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network.
CVSS Score: 10.0 | EPSS Score: 0.003 | Published: 2026-05-22
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.
CVSS Score: 9.3 | EPSS Score: 0.001 | Published: 2026-05-22
Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.
CVSS Score: 9.9 | EPSS Score: 0.001 | Published: 2026-05-22
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.
CVSS Score: 10.0 | EPSS Score: 0.004 | Published: 2026-05-22
Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges over a network.
CVSS Score: 8.8 | EPSS Score: 0.001 | Published: 2026-05-22
Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network.
CVSS Score: 9.1 | EPSS Score: 0.001 | Published: 2026-05-22
Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.
CVSS Score: 10.0 | EPSS Score: 0.001 | Published: 2026-05-22
Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2026-05-22
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
CVSS Score: 7.7 | EPSS Score: 0.001 | Published: 2026-05-22
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow (out-of-bounds read) in the SampleAuxInfoReader constructor. The SampleAuxInfoReader constructor iterates over saiz->get_num_samples() samples but doesn't validate that this count is consistent with the number of chunks in the chunks vector. When saiz declares more samples than the chunks cover, the loop increments current_chunk past chunks.size(), causing an out-of-bounds read on the chunks vector. The vulnerability is triggered during file parsing (heif_context_read_from_file) without any additional user interaction. Any application using libheif to open untrusted HEIF files is affected. This issue has been fixed in version 1.22.0.
CVSS Score: 5.1 | EPSS Score: 0.0 | Published: 2026-05-22

