Skip to main content
CVE-2025-25249 HIGH This Week

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets [CVSS 8.1 HIGH]

Fortinet Buffer Overflow Heap Overflow
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-11669 HIGH PATCH This Week

Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality. [CVSS 8.1 HIGH]

Authentication Bypass Manageengine Access Manager Plus Manageengine Password Manager Pro Manageengine Pam360
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-0404 HIGH PATCH This Week

Authenticated attackers on the same network can execute arbitrary OS commands on NETGEAR Orbi routers (RBS860, RBR850, RBSE950) through improper validation of DHCPv6 input. The vulnerability requires local or WiFi network access but no user interaction, giving attackers full system compromise capabilities on affected devices. A patch is available for this high-severity flaw.

Netgear Command Injection Rbs860 Firmware Rbr850 Firmware Rbse950 Firmware +9
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0403 HIGH PATCH This Week

NETGEAR Orbi routers (RBS850, RBE970, RBS750) are vulnerable to OS command injection through inadequate input validation, enabling attackers on the local network to execute arbitrary commands with elevated privileges. The vulnerability requires LAN access and low privileges but provides complete system compromise through high-impact code execution capabilities. A patch is available for affected firmware versions.

Netgear Command Injection Rbs850 Firmware Rbe970 Firmware Rbs750 Firmware +7
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0407 HIGH PATCH This Week

NETGEAR WiFi extenders (Ex3110, Ex6110, Ex5000, Ex2800) contain an authentication bypass vulnerability that allows network-adjacent attackers with WiFi access or physical Ethernet connectivity to gain unauthorized admin panel access. An attacker can exploit insufficient authentication validation to fully compromise the device's confidentiality, integrity, and availability. A patch is available for affected firmware versions.

Netgear Ex3110 Firmware Ex6110 Firmware Ex5000 Firmware Ex2800 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-0408 HIGH PATCH This Week

NETGEAR WiFi extenders (Ex5000, Ex6110, Ex2800, Ex3110) with improper path traversal validation allow authenticated LAN users to access the webproc configuration file and extract stored router credentials. An attacker with local network access can leverage this to obtain administrative credentials for further network compromise. A patch is available.

Netgear Path Traversal Ex5000 Firmware Ex6110 Firmware Ex2800 Firmware +1
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-21221 HIGH PATCH This Week

Privilege escalation in Windows 11 and Windows Server 2025 Capability Access Management Service results from a race condition in resource synchronization, enabling authenticated local users to gain elevated system privileges. The vulnerability affects multiple recent Windows versions (24h2 and 25h2) and currently lacks a patch. No public exploit code has been disclosed, though the attack requires local access and moderate complexity to execute.

Race Condition Windows 11 24h2 Windows 11 25h2 Windows Server 2025 Microsoft
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-0406 HIGH PATCH This Week

NETGEAR XR1000v2 routers are vulnerable to OS command injection through inadequate input validation, enabling attackers with LAN access to execute arbitrary commands with elevated privileges. The vulnerability affects authenticated users on the local network and could allow complete router compromise including data interception and network manipulation. A patch is available.

Netgear Command Injection Xr1000v2 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-20943 HIGH PATCH This Week

Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. [CVSS 7.0 HIGH]

Microsoft Office Deployment Tool Sharepoint Server Office
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-0878 HIGH PATCH This Week

Incorrect boundary condition validation in Firefox and Thunderbird's WebGL graphics component allows attackers to escape the sandbox and potentially execute arbitrary code through a crafted web page or malicious content. The vulnerability affects Firefox versions below 147, Firefox ESR below 140.7, Thunderbird below 147, and Thunderbird ESR below 140.7, and requires user interaction to exploit. No patch is currently available.

Mozilla Information Disclosure Thunderbird
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-20869 HIGH PATCH This Week

Local privilege escalation in Windows Local Session Manager (LSM) across Windows 11 23h2, Windows Server 2012, and 2019 stems from improper synchronization in shared resource handling, enabling authenticated attackers to elevate privileges on affected systems. The vulnerability requires local access and specific timing conditions to exploit, with no patch currently available. This affects systems running the impacted Windows and Server editions where authenticated users may achieve system-level privileges.

Windows Race Condition Windows 11 23h2 Windows Server 2012 Windows Server 2019 +12
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-20830 HIGH PATCH This Week

Privilege escalation in Windows Server 2025 Capability Access Management Service stems from improper synchronization of shared resources, enabling authenticated local users to gain elevated privileges. The race condition requires specific timing conditions but no patch is currently available, leaving affected systems vulnerable to privilege escalation attacks by authorized local users.

Race Condition Windows Server 2025 Microsoft
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-20815 HIGH PATCH This Week

Privilege escalation in Windows 11 and Windows Server 2025 Capability Access Management Service stems from improper synchronization of shared resources, enabling a local authenticated attacker to gain elevated privileges. The vulnerability exploits a race condition that can be triggered without user interaction, though successful exploitation requires specific timing and system conditions. No patch is currently available for this high-severity issue.

Race Condition Windows 11 25h2 Windows 11 24h2 Windows Server 2025 Microsoft
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-20811 HIGH PATCH This Week

Local privilege escalation in Windows Win32K (ICOMP) via type confusion allows authenticated users to gain system-level access on Windows 11 and Windows Server 2025. The vulnerability affects multiple recent Windows versions with no available patch, requiring immediate mitigation strategies for at-risk environments. Exploitation requires local access but no user interaction, making it a significant risk for multi-user systems.

Windows Windows Server 2025 Windows 11 23h2 Windows Server 2022 23h2 Windows 11 24h2 +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-20860 HIGH PATCH This Week

Windows 10 1607 is affected by access of resource using incompatible type (type confusion) (CVSS 7.8).

Windows Windows 10 21h2 Windows 11 25h2 Windows Server 2019 Windows Server 2022 23h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-21224 HIGH PATCH This Week

Local privilege escalation in Azure Connected Machine Agent exploits a stack-based buffer overflow, enabling authenticated users to gain elevated system privileges. The vulnerability affects Azure and Stack Overflow deployments and requires local access with valid credentials to exploit. No patch is currently available for this high-severity issue.

Azure Buffer Overflow Stack Overflow Azure Connected Machine Agent
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71091 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in team_queue_override_port_prio_changed() There has been a syzkaller bug reported recently with the following trace: list_del corruption, ffff888058bea080->prev is LIST_POISON2 (dead000000000122) ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:59!

Linux Debian Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71086 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a device being brought down.

Linux Buffer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71082 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devm_kzalloc in btusb This reverts commit 98921dbd00c4e ("Bluetooth: Use devm_kzalloc in btusb.c file"). In btusb_probe(), we use devm_kzalloc() to allocate the btusb data.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71078 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-71075 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, leading to a potential use-after-free vulnerability.

Linux Use After Free Memory Corruption Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-21274 HIGH This Week

Arbitrary code execution in Adobe Dreamweaver 21.6 and earlier stems from an incorrect authorization flaw that allows attackers to bypass security controls when a user opens a malicious file. An attacker can execute code with the privileges of the current user, potentially compromising the system. No patch is currently available for this vulnerability.

Authentication Bypass RCE Dreamweaver
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21287 HIGH This Week

Arbitrary code execution in Substance 3D Stager 3.1.5 and earlier stems from a use-after-free vulnerability that executes with the privileges of the current user. An attacker can exploit this by crafting a malicious file that triggers the vulnerability when opened by a victim, requiring user interaction to activate the attack. No patch is currently available for this vulnerability.

Use After Free Substance 3d Stager
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21299 HIGH This Week

Arbitrary code execution in Substance 3D Modeler 1.22.4 and earlier via out-of-bounds write vulnerability when processing malicious files. An attacker can execute code with the privileges of the user who opens a crafted file, requiring social engineering for successful exploitation. No patch is currently available for this vulnerability.

Buffer Overflow RCE Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21298 HIGH This Week

Arbitrary code execution in Substance 3D Modeler versions 1.22.4 and earlier results from an out-of-bounds write vulnerability triggered when users open malicious files. An attacker can leverage this to execute code with the privileges of the current user, with no patch currently available to remediate the issue.

Buffer Overflow RCE Substance 3d Modeler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21307 HIGH This Week

Arbitrary code execution in Substance 3D Designer 15.0.3 and earlier results from an out-of-bounds write vulnerability triggered when users open specially crafted files. An attacker can leverage this to execute code with the privileges of the affected user, though exploitation requires social engineering to deliver the malicious file. No patch is currently available.

Buffer Overflow RCE Substance 3d Designer
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21306 HIGH This Week

Arbitrary code execution in Substance 3D Sampler 5.1.0 and earlier through an out-of-bounds write vulnerability that requires a user to open a malicious file. An attacker can execute commands with the privileges of the current user on the affected system. No patch is currently available for this vulnerability.

Buffer Overflow RCE Substance 3d Sampler
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21305 HIGH This Week

Arbitrary code execution in Adobe Substance 3D Painter versions 11.0.3 and earlier through an out-of-bounds write flaw allows attackers to execute commands with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but carries high impact potential across confidentiality, integrity, and availability. No patch is currently available for affected users.

Buffer Overflow RCE Substance 3d Painter
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20871 HIGH PATCH This Week

Local privilege escalation in Windows Desktop Window Manager (DWM) through use-after-free memory corruption affects Windows 10 22H2, Windows Server 2022, and Windows Server 2025. An authenticated local attacker can exploit this vulnerability to gain system-level privileges with no user interaction required. No patch is currently available for this high-severity vulnerability.

Windows Use After Free Windows Server 2022 Windows Server 2025 Windows 10 22h2 +6
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20941 HIGH PATCH This Week

Privilege escalation in Windows Task Host Process affects Windows 11 and Server 2025 through unsafe symbolic link handling, allowing authenticated local users to gain elevated system privileges. An attacker with standard user access can exploit improper link resolution to bypass access controls and execute arbitrary actions with SYSTEM-level permissions. Currently no patch is available for this vulnerability.

Windows Windows Server 2025 Windows 11 25h2 Windows 11 24h2 Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0405 HIGH PATCH This Week

Unauthenticated administrative access in NETGEAR Orbi routers (CBR750, NBR750, RBE370, RBE371) allows local network attackers to bypass authentication and gain full admin control of the web interface. This high-severity vulnerability (CVSS 7.8) impacts all users on networks connected to affected devices, enabling attackers to modify router settings, potentially compromising network security and connected devices. A patch is available.

Netgear Authentication Bypass Rbs750 Firmware Rbe970 Firmware Rbr850 Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20940 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver contains a heap-based buffer overflow that enables local privilege escalation on Windows 10 1809, Windows Server 2016, and Windows Server 2022. An authenticated attacker can exploit this vulnerability to gain elevated system privileges without user interaction. No patch is currently available.

Windows Buffer Overflow Heap Overflow Windows 10 1809 Windows Server 2022 +9
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20938 HIGH PATCH This Week

Windows Virtualization-Based Security (VBS) Enclave contains an untrusted pointer dereference vulnerability that allows authenticated local users to achieve privilege escalation. The vulnerability affects Windows 11 versions 23h2, 24h2, and 25h2, and currently has no available patch. An attacker with local access can exploit this memory safety flaw to gain elevated system privileges.

Windows Windows 11 23h2 Windows 11 25h2 Windows 11 24h2 Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20920 HIGH PATCH This Week

Windows Win32K use-after-free vulnerability in ICOMP affects Windows 11 23h2 and Windows Server 2022 23h2, enabling authenticated local attackers to achieve privilege escalation with high impact on confidentiality, integrity, and availability. Currently no patch is available, and exploitation requires local access with user-level privileges.

Windows Use After Free Windows Server 2022 23h2 Windows 11 23h2 Windows Server 2022 +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20870 HIGH PATCH This Week

Privilege escalation in Windows Win32K ICOMP component via use-after-free memory corruption affects Windows 11 (24h2, 25h2) and Windows Server 2025. An authenticated local attacker can exploit this vulnerability to gain SYSTEM-level privileges with no user interaction required. Currently no patch is available and exploitation requires local access with user-level permissions.

Windows Use After Free Windows 11 25h2 Windows 11 24h2 Windows Server 2025 +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20864 HIGH PATCH This Week

Windows Server and Windows 10/11 Connected Devices Platform Service (Cdpsvc) contains a heap buffer overflow that allows authenticated local users to escalate privileges to system level. The vulnerability requires low complexity exploitation with no user interaction, affecting multiple recent Windows versions including Server 2022, Windows 10 21h2, and Windows 11 23h2. No patch is currently available for this high-severity flaw.

Buffer Overflow Heap Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20859 HIGH PATCH This Week

Kernel-mode driver use-after-free vulnerabilities in Windows 11 24H2 and Windows Server 2025 enable authenticated local attackers to achieve privilege escalation. An attacker with standard user privileges can exploit memory corruption in kernel drivers to gain SYSTEM-level access without user interaction. No patch is currently available.

Linux Windows Use After Free Windows 11 24h2 Windows Server 2025 +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20810 HIGH PATCH This Week

The Windows Ancillary Function Driver for WinSock contains an improper memory deallocation vulnerability (CWE-590) that allows authenticated local attackers to achieve privilege escalation on affected Windows 10 and Windows Server 2019 systems. An attacker with local user privileges can exploit this flaw to gain SYSTEM-level access without user interaction. No patch is currently available for this vulnerability.

Windows Windows Server 2019 Windows 10 21h2 Windows 10 22h2 Windows 10 1809 +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21304 HIGH This Week

Arbitrary code execution in Adobe InDesign versions 21.0, 19.5.5 and earlier via a heap buffer overflow vulnerability when users open malicious files. The flaw requires user interaction but allows attackers to execute code with the privileges of the current user. No patch is currently available for this high-severity issue.

Adobe Buffer Overflow Heap Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21283 HIGH This Week

Heap buffer overflow in Bridge versions 15.1.2 and 16.0 and earlier enables arbitrary code execution when users open specially crafted files. The vulnerability requires user interaction but carries no patch availability, leaving affected systems exposed to local attack. With a CVSS score of 7.8, this poses significant risk to Bridge users until patching becomes available.

Buffer Overflow Heap Overflow Bridge
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21281 HIGH This Week

Arbitrary code execution in Adobe InCopy versions 21.0, 19.5.5 and earlier through a heap-based buffer overflow when users open malicious files. An attacker can execute commands with the privileges of the targeted user by crafting a specially designed document. No patch is currently available, requiring users to avoid opening untrusted InCopy files.

Buffer Overflow Heap Overflow Incopy
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21277 HIGH This Week

Arbitrary code execution in Adobe InDesign versions 21.0, 19.5.5 and earlier through a heap-based buffer overflow vulnerability triggered by opening a malicious file. Attackers can achieve code execution with the privileges of the affected user, requiring only social engineering to deliver the malicious document. No patch is currently available.

Adobe Buffer Overflow Heap Overflow Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21276 HIGH This Week

Arbitrary code execution in Adobe InDesign versions 21.0, 19.5.5 and earlier through an uninitialized pointer vulnerability that executes with user privileges when a victim opens a crafted file. This local attack requires user interaction but offers no patch availability and affects all current InDesign users.

Adobe Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21275 HIGH This Week

Arbitrary code execution in Adobe InDesign versions 21.0, 19.5.5 and earlier through an uninitialized pointer vulnerability that executes with user privileges when a victim opens a crafted file. The attack requires no special privileges or system access, making it a significant risk for InDesign users who may inadvertently open malicious documents. No patch is currently available.

Adobe Indesign
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0859 HIGH PATCH This Week

Arbitrary PHP code execution in TYPO3 CMS versions 10.0.0 through 14.0.1 through unsafe deserialization of mail spool files, allowing local attackers with write access to the spool directory to execute malicious code when the mailer:spool:send command is executed. Affected versions span multiple release lines including 10.x, 11.x, 12.x, 13.x, and 14.x, requiring immediate patching to prevent web server compromise.

Typo3 PHP Deserialization
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20923 HIGH PATCH This Week

Privilege escalation in Windows Management Services affects Windows Server 2019, 2022 23h2, and 2025 through a use-after-free vulnerability that allows authenticated local attackers to gain elevated system privileges. The flaw requires low privileges and manual user interaction to trigger, potentially giving attackers complete system control. No patch is currently available for this vulnerability.

Windows Use After Free Windows Server 2022 23h2 Windows Server 2025 Windows Server 2019 +8
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20843 HIGH PATCH This Week

Local privilege escalation in Windows RRAS affects Windows 10, Windows 11, and Windows Server 2022, allowing authenticated users to gain system-level access through improper access control mechanisms. An attacker with local user credentials can exploit this vulnerability to obtain elevated privileges on the affected system. No patch is currently available, leaving vulnerable systems at risk until Microsoft releases a security update.

Windows Windows 11 24h2 Windows 11 25h2 Windows Server 2022 23h2 Windows 10 21h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20822 HIGH PATCH This Week

Privilege escalation in Microsoft Graphics Component on Windows 11 25h2 and Windows Server 2019 exploits a use-after-free condition, enabling authenticated local attackers to gain elevated system privileges. The vulnerability requires moderate complexity to exploit and affects confidentiality, integrity, and availability of affected systems. No patch is currently available.

Microsoft Industrial Use After Free Windows 11 25h2 Windows Server 2019 +10
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20809 HIGH PATCH This Week

Privilege escalation in Windows Kernel Memory affects Windows 10 21h2 and Windows Server 2022 23h2, exploitable by local authenticated users through a race condition between permission checks and memory access. An attacker with local access can leverage this window to gain elevated system privileges. No patch is currently available.

Linux Windows Race Condition Windows Server 2022 23h2 Windows 10 21h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71092 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats() Commit ef56081d1864 ("RDMA/bnxt_re: RoCE related hardware counters update") added three new counters and placed them after BNXT_RE_OUT_OF_SEQ_ERR.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy