VDB
MSRC_CVE-2026-22693
MSRC_CVE-2026-22693
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| azl3 qtbase 6.6.3-4 | ||
| cbl2 harfbuzz 3.4.0-3 | ||
| CBL Mariner 2.0 | ||
| cbl2 qt5-qtbase 5.12.11-19 | ||
| <azl3 harfbuzz 8.3.0-3 | ||
| azl3 harfbuzz 8.3.0 | ||
| <azl3 harfbuzz 8.3.0-4 | ||
| Azure Linux 3.0 |
Exploit Intelligence
- https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-22693.json (circl)
- https://support.microsoft.com/lifecycle (circl)
- https://www.first.org/cvss (circl)
- https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade (circl)
- CPANSA-HarfBuzz-Shaper.yml (github-poc)
- harfbuzz.yml (github-poc)
Timeline
- Jan 2, 2026 CVE Published
- Jan 20, 2026 CVE Updated
- Apr 30, 2026 Security Advisory