MICROSOFT today released patches for 93 vulnerabilities, including 9 vulnerabilities in Chromium affecting Microsoft Edge, with 8 of the total being rated critical. Two of the disclosed issues were known prior to today but have not yet been exploited, and the update addresses no vulnerabilities that are already being exploited.
Notable entries include CVE-2026-26127, a .NET denial of service vulnerability exploitable across the network with no authentication required, and CVE-2026-21262, a SQL Server elevation of privilege vulnerability that could allow an authenticated user to become sysadmin.
The patch bundle also covers several Excel and Office flaws (for example CVE-2026-26113, CVE-2026-26110, CVE-2026-26144) and vulnerabilities affecting other Microsoft services and components, all of which are described as important or critical with various CVSS scores. For context, this summary draws on the March 2026 Patch Tuesday overview, according to SANS[.]edu.