ThreatCluster

New CVEs Address IPv6 Vulnerabilities in Microsoft Products

First seen 18 Feb 2026, 12:23 UTC Api.Msrc.Microsoft 76% similarity 39

Article Content

Browse articles
ThreatCluster

Two new Common Vulnerabilities and Exposures (CVEs) have been published regarding IPv6 vulnerabilities in Microsoft products. CVE-2024-45341, published on January 28, 2025, involves the usage of IPv6 zone IDs that can bypass URI name constraints in crypto/x509. CVE-2025-47912, published on October 29, 2025, pertains to insufficient validation of bracketed IPv6 hostnames in net/url.

ThreatCluster AI

Timeline

2025-01-28
CVE-2024-45341 published
2025-10-29
CVE-2025-47912 published
2026-02-18
Articles published detailing both CVEs

Community

Browse all →