CRITICALZero Day
Global

Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more

·Source: The Record

Updated:

Executive Summary

Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both attackers and security professionals.

Analysis

Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both attackers and security professionals.
Source Attribution

Originally published by The Record on May 29, 2026.

Related Threats

CRITICALZero Day

Gogs Zero-Day Exposes Servers to Remote Code Execution

The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch names. The post Gogs Zero-Day Exposes Servers to Remote Code Execution appeared first on SecurityWeek .

SecurityWeek
CRITICALZero DayPOC

Microsoft Threatens Legal Action Over Zero-Day Leaks

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/microsoft-threatens-legal-action-over-zero-day-leaks-image_small-3-a-31807.jpg" align=right hspace=4><b>Security Researchers Fear Broader Legal Pressure on Bug Disclosures</b><br>Microsoft is pursuing legal action after a researcher publicly released six Windows zero-days and exploit code following a breakdown in coordinated discl

Bank Info Security
CRITICALZero Day

New Gogs zero-day flaw lets hackers get remote code execution

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]

BleepingComputer