Multiple vulnerabilities have been identified in Microsoft products, allowing attackers to exploit unspecified security issues. The CERT‑FR advisory lists several CVEs, including CVE‑2026‑21712, CVE‑2025‑49010, CVE‑2025‑66037, CVE‑2025‑66038, CVE‑2025‑66215, CVE‑2026‑21717, and CVE‑2026‑4897. Affected systems include azl3 nodejs24 version 24.13.0‑3 and earlier, azl3 opensc 0.26.1‑1 and earlier, azl3 polkit 123‑3 and earlier, and cbl2 polkit 0.119‑4 and earlier. The advisory does not specify the type of security problem. Users are advised to apply patches referenced in the Microsoft security bulletins linked in the document. The advisory urges system administrators to check the linked Microsoft update guides for each CVE and apply available fixes. Microsoft releases patches on the dates noted in the bulletin references. No impact on other Microsoft services is indicated in the notice. The advisory was issued on 9 April 2026.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.