CVE-2026-43414 scsi: qla2xxx: Completely fix fcport double free — CVE-2026-43414

CVE · Microsoft · CVE-2026-43414

ID
CVE-2026-43414

Date
2026-05-08

Updated
2026-05-23

Activity
2026-05-23

Source
CVE

Vendor
Microsoft

Threat
critical

CVSS
9.8

Summary

CVE-2026-43414 is a advisory from CVE. CVE-2026-43414 scsi: qla2xxx: Completely fix fcport double free Vendor: Microsoft. Severity/Threat: critical. Source updated on 2026-05-23.

Product

Security Update Guide

What to do

General, cautious steps (verify details in the official source):

Prioritize patching or mitigation immediately (treat as actively risky).
Identify affected product versions in your inventory and verify whether you are impacted.
Apply vendor patches/updates or recommended mitigations as soon as available.
Read the official advisory for exact affected versions and remediation steps.

Official advisory

Related advisories

Microsoft CVE 2026-W21

CVE-2026-41091 Microsoft Defender Elevation of Privilege Vulnerability

2026-05-26 CVE-2026-41091

highMicrosoft CVE 2026-W22

CVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

2026-05-26 CVE-2026-45495

highMicrosoft CVE 2026-W22

CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability

2026-05-26 CVE-2026-45498

mediumMicrosoft CVE 2026-W22

CVE-2026-45584 Microsoft Defender Remote Code Execution Vulnerability

2026-05-26 CVE-2026-45584

highMicrosoft CVE 2026-W22

aiograpi: Unsafe signup challenge path handling

2026-05-23 CVE-2026-47157

mediumGitHub GitHub 2026-W21

Arcane: Missing admin authorization on global variables endpoint

2026-05-23 CVE-2026-47125

highGitHub GitHub 2026-W21