You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
libyang vulnerability
About this tag
The libyang vulnerability tag covers discussions about CVE-2026-44673, a high-severity integer overflow in the libyang library that can lead to a heap buffer overflow when parsing malicious LYB data. This flaw is listed in Microsoft's Security Update Guide as a supply-chain risk for Windows environments that use network automation stacks, containers, or third-party tools relying on libyang. The vulnerability affects libyang versions before SO 5.2.1 and is not a Windows kernel issue but represents the type of open-source library flaw that Windows administrators must track due to modern infrastructure dependencies.
Microsoft has listed CVE-2026-44673, a high-severity libyang flaw disclosed in 2026, in its Security Update Guide after researchers identified an integer overflow in lyb_read_string() that can become a heap buffer overflow when malicious LYB data is parsed. The bug is not a Windows kernel flaw...