ThreatCluster

CVE-2025-38264 and CVE-2024-41007 Published by Microsoft

First seen 18 Feb 2026, 12:23 UTC Api.Msrc.Microsoft 74% similarity 39

Article Content

Browse articles
ThreatCluster

Microsoft has published information on two critical vulnerabilities affecting TCP and NVMe over TCP protocols. CVE-2024-41007, published on July 15, 2024, addresses issues with excessive retransmission packets, while CVE-2025-38264, published on July 9, 2025, focuses on sanitizing request list handling in nvme-tcp. Both vulnerabilities could impact systems utilizing these protocols.

ThreatCluster AI

Timeline

2024-07-15
CVE-2024-41007 published
2025-07-09
CVE-2025-38264 published
2026-02-18
Information published about both CVEs

Community

Browse all →