CVE-2026-21537

Publication date 10 February 2026

Last updated 11 February 2026

Ubuntu priority

Description

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2026-21537
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21537

CVE-2026-21537

Description

Status

References

Other references

Access our resources on patching vulnerabilities