Skip to main content
CVE-2026-35032 HIGH PATCH This Week

Jellyfin media server versions before 10.11.7 allow authenticated users to escalate privileges to administrator through a chained exploit involving M3U tuner SSRF, local file read, and database exfiltration. Any authenticated user can exploit this because the EnableLiveTvManagement permission defaults to enabled. The attack chain enables reading the Jellyfin database to extract admin session tokens, achieving full administrative control. CVSS 8.6 (High) reflects network-accessible attack requiring only low-privilege authentication. No active exploitation (CISA KEV) confirmed, but public disclosure via GitHub Security Advisory indicates exploit details are known.

SSRF Jellyfin
NVD GitHub
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-27290 HIGH This Week

Arbitrary code execution in Adobe FrameMaker 2022.8 and earlier via DLL hijacking/search path manipulation allows local attackers to run malicious code in user context without interaction. CVSS 8.6 severity stems from changed scope and high confidentiality/integrity/availability impact despite local attack vector. No public exploit identified at time of analysis. EPSS data not available for this recent CVE. Vendor patch released per Adobe Security Bulletin APSB26-36.

RCE Adobe
NVD
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-32203 HIGH PATCH Exploit Unlikely This Week

Denial of service via stack buffer overflow in .NET (versions 8.0, 9.0, 10.0) and Visual Studio 2022 (versions 17.12, 17.14) allows unauthenticated remote attackers to crash affected applications over the network. The vulnerability has a CVSS score of 7.5 (High) with low attack complexity and no privileges required. Vendor-released patches are available from Microsoft (MSRC). No public exploit identified at time of analysis, and the issue is not confirmed actively exploited.

Stack Overflow Buffer Overflow Net 10 0 Net 8 0 Net 9 0 +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-23666 HIGH PATCH NEWS Exploit Unlikely This Week

Denial of service in Microsoft .NET Framework 3.5 through 4.8.1 allows unauthenticated remote attackers to crash applications via race condition exploitation over a network. The vulnerability stems from improper synchronization when multiple threads access shared resources concurrently (CWE-755). Affected versions span .NET Framework 3.5, 4.6.2, 4.7.x, 4.8, and 4.8.1 across multiple component combinations. Microsoft has released patches addressing the flaw. No public exploit code or active explo

Authentication Bypass Microsoft Net Framework 3 5 Microsoft Net Framework 3 5 And 4 7 2 Microsoft Net Framework 3 5 And 4 8 Microsoft Net Framework 3 5 And 4 8 1 +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-32178 HIGH PATCH GHSA Exploit Unlikely This Week

Information disclosure in Microsoft .NET 8.0, 9.0, 10.0, and Visual Studio 2022 allows unauthenticated remote attackers to access sensitive data through improper neutralization of special elements. This spoofing vulnerability (CWE-138) enables attackers to bypass authentication mechanisms and extract high-confidentiality information over the network with low attack complexity. No active exploitation confirmed (not in CISA KEV), but the network-accessible, no-authentication-required attack profile presents immediate risk for internet-facing .NET applications. Vendor patches available for all affected versions.

Authentication Bypass Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +1
NVD VulDB HeroDevs
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-38527 HIGH GHSA This Week

Server-Side Request Forgery in Webkul Krayin CRM 2.2.x enables authenticated users to scan internal network resources and access sensitive information through the webhook creation endpoint. Attackers with low-privilege accounts can send crafted POST requests to /settings/webhooks/create, forcing the server to make requests to arbitrary internal URLs. With CVSS 8.5 (High) and scope change to other components, this allows reconnaissance of internal infrastructure, access to cloud metadata endpoints, and potential lateral movement. EPSS data not available; no public exploit identified at time of analysis, though technical details are published in security advisory.

SSRF
NVD GitHub
CVSS 3.1
8.5
EPSS
0.0%
CVE-2026-0207 HIGH This Week

Information disclosure in Pure Storage FlashBlade allows high-privileged network attackers to access sensitive data through log files. Affects FlashBlade versions 4.0.0-4.4.8, 4.5.0-4.5.13, and 4.6.0-4.6.3. The vulnerability (CWE-532: insertion of sensitive information into log file) has a CVSS 4.0 score of 8.5, indicating high confidentiality impact with scope change, but requires high privileges. No public exploit or active exploitation confirmed at time of analysis. EPSS data not yet available for this recently disclosed CVE.

Information Disclosure
NVD VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-32221 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Graphics Component across Windows 11 24H2/25H2/26H1 and Server 2025 enables unauthenticated local attackers to execute arbitrary code with high integrity via heap-based buffer overflow exploitation. CVSS 8.4 (High) reflects low attack complexity and no user interaction requirement, though local access is necessary. EPSS data unavailable; no CISA KEV listing or public exploit identified at time of analysis, but the low complexity (AC:L) and no-auth requirement (PR:N) make this highly attractive for post-compromise escalation.

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-27306 HIGH This Week

Arbitrary code execution in Adobe ColdFusion 2023.18, 2025.6 and earlier allows authenticated attackers with high privileges to execute malicious code through improper input validation. Exploitation requires user interaction (victim opening a malicious file). EPSS data not available; no confirmed active exploitation (not in CISA KEV). CVSS 8.4 reflects high impact across confidentiality, integrity, and availability with scope change, though real-world risk is constrained by requiring both elevated privileges and user interaction.

RCE Coldfusion
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-32091 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Brokering File System allows unprivileged attackers with physical or local access to gain SYSTEM-level privileges through a race condition vulnerability. The flaw affects all supported Windows 10, Windows 11, and Windows Server versions from 2016 through 2025. Despite an 8.4 CVSS score indicating high severity, real-world risk is moderate: EPSS score of 0.04% (12th percentile) suggests low exploitation likelihood, SSVC framework confirms no active exploitation, and the local attack vector limits exposure to scenarios where attackers already have local access. Vendor-released patches are available for all affected versions.

Authentication Bypass Race Condition Microsoft
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-32162 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Windows COM across Windows 10 (1809, 21H2, 22H2), Windows 11 (22H3-26H1), and Windows Server (2019-2025) allows unauthenticated attackers with local access to achieve full system compromise (high confidentiality, integrity, and availability impact) by exploiting acceptance of untrusted data alongside trusted data. CVSS 8.4 reflects the severe impact of complete privilege escalation despite requiring local access. Vendor-released patch available with specific build n

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-40287 HIGH PATCH GHSA This Week

Arbitrary Python code execution in PraisonAI ≤4.5.138 occurs when malicious tools.py files are automatically imported from the current working directory without validation. Attackers placing a crafted tools.py in shared projects, cloned repositories, or writable workspaces achieve immediate code execution with full process privileges upon PraisonAI startup. EPSS data not available, but the local attack vector (AV:L) requiring no privileges (PR:N) or user interaction (UI:N) enables exploitation through supply chain and workspace poisoning attacks. No public exploit identified at time of analysis, though the vulnerability is trivial to exploit given the straightforward code injection mechanism.

Code Injection RCE Python
NVD GitHub
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-39884 HIGH PATCH GHSA This Week

Command injection in mcp-server-kubernetes port_forward function allows authenticated network attackers to expose internal Kubernetes services to external networks or bypass namespace restrictions. The vulnerability (CVSS 8.3) stems from unsafe string concatenation and space-splitting of kubectl arguments, enabling arbitrary flag injection via fields like resourceName or namespace. Attackers can inject '--address=0.0.0.0' to bind port-forwards on all network interfaces, exposing databases and internal APIs beyond localhost. Affects mcp-server-kubernetes <= 3.4.0. No public exploit identified at time of analysis, though exploitation requires only low complexity (AC:L) with authenticated access (PR:L).

RCE Kubernetes
NVD GitHub
CVSS 3.1
8.3
EPSS
0.0%
CVE-2025-7389 HIGH This Week

Progress OpenEdge AdminServer exposes authenticated RMI methods allowing arbitrary file reads with escalated OS privileges across versions 12.2.0-12.2.18. Authenticated administrators can abuse setFile() and openFile() RMI methods to read sensitive files beyond their intended access level, leveraging the AdminServer process's elevated system permissions. EPSS data not available; no CISA KEV listing indicates no confirmed active exploitation, though SSVC marks exploitation status as 'none' with partial technical impact. The vulnerable methods have been removed in patched versions.

Information Disclosure Path Traversal Openedge
NVD
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-22828 HIGH This Week

Remote code execution in Fortinet FortiAnalyzer Cloud and FortiManager Cloud versions 7.6.2 through 7.6.4 allows unauthenticated remote attackers to execute arbitrary code via crafted network requests exploiting a heap-based buffer overflow (CWE-122). Attack complexity is rated high due to ASLR and network segmentation defenses requiring significant exploitation preparation. CVSS score of 8.1 reflects the critical impact despite defensive barriers. No public exploit identified at time of analysis, though the vulnerability's disclosure by Fortinet suggests patch availability through their security advisory FG-IR-26-121.

Buffer Overflow Fortinet RCE Heap Overflow
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-33827 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Windows TCP/IP networking stack across Windows 10, 11, and Server versions allows unauthenticated network attackers to execute arbitrary code by exploiting a race condition in shared resource synchronization. The vulnerability affects all supported Windows versions from Server 2012 through Windows 11 26H1 and Server 2025. Microsoft has released patches addressing this high-severity flaw (CVSS 8.1). No public exploit identified at time of analysis, though SSVC assessment

Authentication Bypass Race Condition Microsoft
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-32188 HIGH PATCH Exploit Unlikely This Week

Out-of-bounds read vulnerability (CWE-125) in Microsoft Excel allows local attackers to disclose sensitive memory contents and cause denial of service through maliciously crafted spreadsheet files with user interaction. Affects Microsoft Office 2016/2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office Online Server across Windows and macOS platforms. CVSS 7.1 reflects high confidentiality and availability impact with low attack complexity but requires local access and user interaction. No public exploit identified at time of analysis. Vendor-released patches available through Microsoft Security Response Center covering all affected Office product lines.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2026-40868 HIGH PATCH GHSA This Week

Kyverno's apiCall service helper automatically injects the controller's ServiceAccount token into HTTP requests when ClusterPolicy or GlobalContextEntry authors omit an Authorization header, enabling token exfiltration to attacker-controlled endpoints via confused deputy vulnerability. Affects deployments where policy YAML repositories are compromised (GitOps threat model) or ClusterPolicy creation is possible. CVSS 8.1 (High) reflects network attack vector with low complexity and low privileges required. No CISA KEV listing or public exploit identified at time of analysis, but GitHub advisory includes working proof-of-concept demonstrating token injection and exfiltration.

Code Injection Kubernetes Canonical
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-38530 HIGH GHSA This Week

Broken Object-Level Authorization in Webkul Krayin CRM 2.2.x allows authenticated attackers to read, modify, and permanently delete leads belonging to other users via crafted GET requests to the LeadController endpoint. This multi-tenant access control failure enables horizontal privilege escalation across customer boundaries. Authentication requirements are minimal (PR:L in CVSS vector), and the attack complexity is low with no user interaction required. No public exploit identified at time of analysis, though the vulnerability appears straightforward to exploit given its BOLA nature.

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-38532 HIGH GHSA This Week

Broken Object-Level Authorization in Webkul Krayin CRM v2.2.x allows authenticated attackers to access, modify, and delete contact records belonging to other users without authorization. The vulnerability exists in the PersonController.php endpoint where insufficient access controls permit low-privileged authenticated users to manipulate arbitrary contact objects via crafted GET requests. No public exploit identified at time of analysis, though the attack vector is network-accessible with low complexity (CVSS:3.1 AV:N/AC:L/PR:L).

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-33826 HIGH PATCH NEWS Exploit Likely This Week

Remote code execution in Windows Active Directory Domain Services affects all supported Windows Server versions (2012 R2 through 2025) when an authenticated attacker with low privileges on an adjacent network sends specially crafted requests to domain controllers. The vulnerability stems from improper input validation (CWE-20) and enables complete system compromise with high impact to confidentiality, integrity, and availability. Patch available per vendor advisory; no public exploit identified at time of analysis. CVSS 8.0 severity reflects adjacent network attack vector requiring low-privilege authentication but trivial attack complexity with no user interaction.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
8.0
EPSS
0.4%
CVE-2026-27912 HIGH PATCH Exploit Unlikely This Week

Windows Kerberos authorization bypass enables authenticated attackers on adjacent networks to escalate privileges to high integrity levels across Windows Server 2012 through 2025. The flaw affects both desktop experience and Server Core installations. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and lack of user interaction (UI:N) suggest straightforward exploitation once adjacent network access is achieved.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
8.0
EPSS
0.2%
CVE-2026-32093 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Function Discovery Service (fdwsd.dll) allows authenticated low-privilege attackers to gain SYSTEM-level access via race condition exploitation across all supported Windows 10, Windows 11, and Windows Server versions (2012-2025). The vulnerability requires local access and low privileges (CVSS PR:L) with high attack complexity (AC:H), yielding complete system compromise (C:H/I:H/A:H). Microsoft released patches addressing build versions up to 10.0.26100.32690 (Server 2025) and 10.0.28000.1836 (Windows 11 26H1). EPSS data not available; no public exploit identified at time of analysis.

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25184 HIGH PATCH Exploit Unlikely This Week

Race condition in Microsoft AppLocker Filter Driver (applockerfltr.sys) allows local authenticated users with low privileges to elevate to SYSTEM through improper synchronization of shared resources. Affects Windows 11 (22H2 through 26H1) and Windows Server 2022/2025 editions. Vendor-released patch available as of April 2025 security updates. CVSS 7.0 reflects high attack complexity but complete system compromise if successful. No public exploit identified at time of analysis, though the local privilege escalation vector makes this valuable for post-compromise lateral movement in enterprise environments.

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32070 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Windows Common Log File System (CLFS) Driver affects Windows 10, 11, and Server 2012-2025 through a use-after-free memory corruption flaw. Authenticated local attackers with low privileges can exploit this vulnerability to gain SYSTEM-level access, achieving full control over confidentiality, integrity, and availability. While no public exploit identified at time of analysis, the Windows CLFS driver has been a frequent target for privilege escalation exploits histor

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32195 HIGH PATCH Exploit Unlikely This Week

Stack-based buffer overflow in the Windows Kernel enables low-privileged local attackers to escalate to SYSTEM privileges on Windows 11 version 26H1 (build 10.0.28000.0 through 10.0.28000.1835). Despite CVSS 7.0 (High), the attack complexity is high (AC:H) and requires local access with low-level privileges (PR:L). Vendor-released patch available via Microsoft Security Response Center (build 10.0.28000.1836). No public exploit identified at time of analysis, though CWE-121 stack overflows are well-understood vulnerability classes with established exploitation techniques.

Stack Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32087 HIGH PATCH Exploit Unlikely This Week

Heap-based buffer overflow in Microsoft Windows Function Discovery Service (fdwsd.dll) enables low-privileged authenticated local attackers to escalate privileges to SYSTEM across Windows 10, Windows 11, and Windows Server 2012-2025. Vendor-released patch available per Microsoft Security Response Center advisory. No public exploit identified at time of analysis, though the CVSS vector indicates local access with high attack complexity (AC:H), requiring authenticated low-privilege users (PR:L). A

Heap Overflow Buffer Overflow
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32150 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Function Discovery Service (fdwsd.dll) allows low-privileged authenticated users to gain SYSTEM-level access via a race condition. Affects all supported Windows 10, 11, and Server versions from 2012 through 2025. Vendor-released patches available from Microsoft. CVSS 7.0 (high complexity local attack). No public exploit identified at time of analysis, though the race condition class (CWE-362) is well-understood and commonly weaponized once details emerge.

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32086 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Function Discovery Service (fdwsd.dll) allows authenticated local attackers to gain SYSTEM-level access by exploiting a race condition during shared resource handling. Affects all supported Windows 10/11 client versions and Windows Server 2012 through 2025. Vendor-released patches are available per Microsoft's May 2026 Patch Tuesday. No public exploit identified at time of analysis, but CVSS 7.0 reflects high complexity local attack requiring low privileges.

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-35589 HIGH This Week

Cross-Site WebSocket Hijacking in nanobot personal AI assistant (versions before 0.1.5) allows remote websites to establish unauthorized WebSocket connections to the local bridge server (ws://127.0.0.1:3001/), enabling WhatsApp session hijacking, message interception, QR code theft, and unauthorized message transmission. This vulnerability stems from incomplete remediation of CVE-2026-2577, where the added BRIDGE_TOKEN authentication is disabled by default and the server fails to validate the Origin header during WebSocket handshakes. Attack complexity is high (AC:H) but requires no authentication (PR:N), only user interaction (UI:R) such as visiting a malicious website while the bridge is running. No public exploit identified at time of analysis, though the technical details are fully disclosed in GitHub security advisory GHSA-v5j3-4q66-58cf.

Information Disclosure Nanobot
NVD GitHub
CVSS 3.1
8.0
EPSS
0.0%
CVE-2026-26162 HIGH PATCH Exploit Unlikely This Week

Type confusion in Windows OLE (Object Linking and Embedding) enables authenticated local attackers to escalate privileges across all supported Windows 10, 11, and Server versions (2012-2025). The memory corruption flaw allows low-privileged users to execute code with elevated permissions through incompatible type handling. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and lack of user interaction (UI:N) make this accessible to attackers with basic local access.

Information Disclosure Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26156 HIGH PATCH Exploit Unlikely This Week

Heap-based buffer overflow in Windows Hyper-V enables local code execution with high impact across Windows 10, Windows 11, and Windows Server environments. An unauthenticated attacker with local access can trigger the vulnerability through user interaction (CVSS:3.1 AV:L/AC:L/PR:N/UI:R), achieving full system compromise (C:H/I:H/A:H). Microsoft has released patches addressing 17 affected Windows versions ranging from legacy Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. No publ

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26170 HIGH PATCH Exploit Unlikely This Week

Microsoft PowerShell privilege escalation affecting Windows 10/11 and Server 2016-2025 allows authenticated local attackers with low privileges to gain SYSTEM-level access through improper input validation (CWE-20). The vulnerability has a CVSS score of 7.8 with low attack complexity and requires no user interaction, enabling straightforward exploitation by any standard user account. No public exploit identified at time of analysis, though the attack vector's simplicity (AV:L/AC:L/PR:L/UI:N) sug

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26161 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Sensor Data Service affects all supported Windows 10, Windows 11, and Windows Server versions through untrusted pointer dereference (CWE-822). Authenticated local attackers with low-privilege accounts can exploit this vulnerability with low complexity to gain SYSTEM-level privileges, achieving full compromise of confidentiality, integrity, and availability. Vendor-released patches are available across all affected product lines. No public exploit identified

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-27907 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Storage Spaces Controller across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025 allows low-privileged authenticated users to achieve SYSTEM-level access via an integer underflow vulnerability. The flaw enables complete compromise of confidentiality, integrity, and availability on affected systems. EPSS risk data not available; no public exploit identified at time of analysis. Vendor-released patches are available for all affected versions.

Information Disclosure Integer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-27909 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Search Component affects Windows 10 (1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2012-2025) via use-after-free memory corruption (CWE-416). Authenticated local attackers with low privileges can exploit this vulnerability to gain SYSTEM-level access with low attack complexity and no user interaction required (CVSS 7.8). Vendor-released patches available for all affected versions; no public exploit identified at time of analysis.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26184 HIGH PATCH Exploit Unlikely This Week

Windows Projected File System buffer over-read allows authenticated local attackers with low privileges to escalate to high integrity, potentially achieving SYSTEM-level access across Windows 10, Windows 11, and Windows Server platforms. This CWE-126 memory disclosure vulnerability scores 7.8 CVSS with straightforward exploitation (low complexity, no user interaction), affecting extensive Windows infrastructure from legacy 1809 through current 26H1 builds. No public exploit identified at time of

Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26176 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Client Side Caching driver (csc.sys) allows authenticated users with low privileges to gain SYSTEM-level access via heap-based buffer overflow exploitation. Affects all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025). Vendor-released patches are available from Microsoft as of early 2026. No public exploit identified at time of analysis, though the straightforward attack complexity (AC:L) and no user interaction requirement (

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26153 HIGH PATCH Exploit Unlikely This Week

Out-of-bounds read in Windows Encrypting File System (EFS) enables low-privileged local attackers to escalate to SYSTEM privileges on Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2019/2022/2025. The vulnerability (CWE-125) requires local access and low-level privileges but no user interaction, yielding complete system compromise with high impact to confidentiality, integrity, and availability (CVSS 7.8). Vendor-released patches are available

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26159 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Remote Desktop Licensing Service (affecting Windows 10 1607 through Windows Server 2025) allows low-privileged authenticated users to gain SYSTEM-level access by exploiting missing authentication on critical service functions. The vulnerability (CWE-306) requires local access and low-privilege credentials but enables complete system compromise with low attack complexity. Vendor-released patches are available across all affected Windows versions. No public ex

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26183 HIGH PATCH Exploit Unlikely This Week

Windows RPC API privilege escalation affects all supported Windows Server versions (2012 through 2025) due to improper access control (CWE-284). Low-privileged local attackers can achieve complete system compromise (high confidentiality, integrity, and availability impact) with low attack complexity and no user interaction required. Vendor-released patches are available across all affected Server Core and standard installations. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and clear attack path increase weaponization risk.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26160 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Remote Desktop Licensing Service affects all supported Windows 10, Windows 11, and Windows Server versions (2012-2025) via missing authentication on a critical function. Authenticated local attackers with low privileges can exploit this CWE-306 authentication bypass to gain SYSTEM-level access with high impact to confidentiality, integrity, and availability (CVSS 7.8). Patch available per vendor; no public exploit identified at time of analysis. The wide foo

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26181 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Brokering File System on Windows 11 and Windows Server 2022/2025 allows authenticated users with low privileges to gain SYSTEM-level access via use-after-free memory corruption. The vulnerability affects all actively supported Windows 11 versions (22H3 through 26H1) and recent Windows Server editions. Exploitation requires local access and low-level user privileges (PR:L) but has low attack complexity (AC:L), enabling reliable exploitation once local access is obtained. No public exploit identified at time of analysis, though the use-after-free weakness class is well-understood by attackers.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-32183 HIGH PATCH Exploit Unlikely This Week

Command injection in Windows Snipping Tool allows local code execution when an unauthorized attacker convinces a user to open a specially crafted file. This vulnerability affects all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025), requiring user interaction but no authentication (PR:N). No public exploit identified at time of analysis, though the local attack vector and user interaction requirement limit immediate remote threat. CVSS 7.8 reflects high impact ac

Command Injection Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26168 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) allows authenticated attackers with low privileges to gain SYSTEM-level access through a race condition vulnerability. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. Vendor-released patches available across all affected product lines. Attack complexity rated high (AC:H) but enables full system compromise with changed scope (S:C), indicating container/hypervisor escape potential. No public exploit identified at time of analysis, though the race condition class (CWE-362) is well-understood by exploit developers.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20930 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Management Services (all supported Windows 10/11 and Server versions) allows authenticated local attackers with low privileges to gain high-level system access via race condition exploitation. Vendor-released patches are available for all affected versions. CVSS score of 7.8 reflects high complexity attack requiring precise timing but enabling full system compromise with changed scope. No public exploit identified at time of analysis, though the race condition cla

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-33101 HIGH PATCH This Week

Local privilege escalation in Windows Print Spooler Components allows authenticated attackers with low privileges to achieve complete system compromise (high confidentiality, integrity, and availability impact) by exploiting a use-after-free memory corruption vulnerability. Affects Windows 11 versions 24H2, 25H2, 26H1, Windows Server 2022 23H2 Edition, and Windows Server 2025. CVSS score 7.8 reflects local attack vector with low complexity and no user interaction required. No public exploit or CISA KEV status identified at time of analysis, though use-after-free vulnerabilities in Print Spooler have historically been attractive exploitation targets.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32155 HIGH PATCH Exploit Unlikely This Week

Desktop Window Manager (DWM) privilege escalation via use-after-free memory corruption affects Windows 10 21H2/22H2, Windows 11 22H3 through 25H2, and Windows Server 2022/2025. Local authenticated attackers with low privileges can exploit this memory corruption flaw to gain SYSTEM-level access, achieving full compromise of confidentiality, integrity, and availability. Vendor-released patches are available across all affected platforms. No public exploit identified at time of analysis, though the

Denial Of Service Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32078 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Projected File System (ProjFS) across Windows 10, Windows 11, and Windows Server 2019-2025 allows authenticated low-privileged users to gain SYSTEM-level control via use-after-free memory corruption. Attack requires local access and low-privileged credentials (CVSS PR:L) but no user interaction, enabling complete compromise of confidentiality, integrity, and availability. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the vulnerability class (use-after-free) is well-understood and commonly targeted once details emerge.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32077 HIGH PATCH Exploit Unlikely This Week

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host enables authenticated local attackers to elevate privileges to SYSTEM level across all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. The vulnerability (CWE-822) requires low-privilege authenticated access and minimal attack complexity (CVSS 7.8, AV:L/AC:L/PR:L). No public exploit identified at time of analysis. Microsoft released patches for all affected versions including

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy