Skip to main content
CVE-2026-9743 HIGH PATCH This Week

Denial of service in MongoDB Server 8.0 allows authenticated users with aggregation pipeline privileges to crash the server process by issuing a specially crafted aggregation followed by a getMore command on the same cursor, triggering a null pointer dereference in the aggregation stage's _subPipeline field. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the low attack complexity and minimal privilege requirement make it a credible availability threat for multi-tenant or shared MongoDB deployments.

Denial Of Service Null Pointer Dereference Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9749 HIGH PATCH This Week

Denial of service in MongoDB Server allows authenticated users to trigger an assertion failure by running aggregation pipelines that use the internal $exchange stage with key-range partitioning and order-preserving delivery. When a single key range fills its consumer buffer, the high watermark is not updated correctly, leading to a reachable assertion (CWE-617) and likely process termination. No public exploit identified at time of analysis.

Information Disclosure Microsoft Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9747 HIGH PATCH This Week

Denial of service in MongoDB Server allows authenticated remote attackers to crash the database process by submitting aggregation pipelines that combine the internal fromRouter:true flag with runtimeConstants.userRoles. No public exploit identified at time of analysis, but the bug is tracked in MongoDB's public JIRA (SERVER-123918), which makes the trigger conditions discoverable. Impact is limited to availability (VA:H) with no data exposure or integrity compromise.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9746 HIGH PATCH This Week

Denial of service in MongoDB Server occurs when an authenticated user issues a $changeStreams aggregation combined with the internal $_requestReshardingResumeToken option and the exchange option, triggering a reachable invariant that crashes the mongod process. Any logged-in user with low privileges can repeatedly invoke the crash on default deployments, producing service-wide downtime. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the bug is vendor-confirmed via MongoDB Jira SERVER-124190.

Denial Of Service Microsoft Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9754 HIGH PATCH This Week

Information disclosure in MongoDB Server allows authenticated users holding the read role to obtain small amounts of uninitialized stack memory by submitting specially-crafted filemd5 commands. The flaw stems from CWE-457 (Use of Uninitialized Variable) in the filemd5 command handler, and while no public exploit has been identified at time of analysis, the low attack complexity and network reachability make it a credible insider/credential-theft risk against MongoDB databases.

Information Disclosure MongoDB
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-49956 HIGH PATCH This Week

Cross-profile data disclosure in Hermes WebUI before 0.51.269 allows authenticated users to read session titles and transcript message content from other users' profiles by querying the sessions search endpoint, which fails to scope results to the caller's active profile. The flaw was reported by VulnCheck and a vendor patch is available; no public exploit identified at time of analysis, but the issue is trivial to trigger for any logged-in account.

Authentication Bypass Hermes Webui
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-46322 HIGH PATCH This Week

Memory leak in the Linux kernel's TUN driver (tun_xdp_one) allows a local attacker to exhaust host memory by repeatedly triggering build_skb() allocation failures, leaking one page-frag chunk per failed batch entry. The flaw affects the vhost_net XDP fast-path used by virtual machines and containers; with no public exploit identified at time of analysis and an EPSS score of 0.02% (5th percentile), real-world weaponization risk is low, but sustained leakage on busy virtualization hosts could degrade availability.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-46321 HIGH PATCH This Week

Local denial-of-service in the Linux kernel's tun/vhost-net subsystem allows an unprivileged process with access to /dev/net/tun and /dev/vhost-net to leak page-frag chunks on every short frame (length minus virtio-net header below ETH_HLEN) submitted to tun_xdp_one(), eventually exhausting host memory and triggering an OOM panic. The flaw is a missing put_page() on the -EINVAL error path that tun_sendmsg() then masks by reporting success to vhost_tx_batch(). EPSS is very low (0.02%) and no public exploit identified at time of analysis, but the bug is upstream-confirmed with patches in stable trees.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-9741 HIGH PATCH This Week

Sensitive information disclosure in MongoDB Server affects deployments using Queryable Encryption (QE) or Client-Side Field Level Encryption (CSFLE) when issuing $vectorSearch aggregation queries. Due to a flaw in client-side query analysis, literal values intended for encrypted fields inside $vectorSearch filter expressions are transmitted to the server as plaintext instead of ciphertext, defeating the confidentiality guarantee of client-side encryption. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Information Disclosure Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-49742 HIGH PATCH GHSA This Week

Information disclosure in TYPO3 CMS allows authenticated backend users with file download permissions to retrieve arbitrary files from the server's document root via the Media Module's File Abstraction Layer (FAL) fallback storage. Affected branches span versions 11.0.0-11.5.50, 12.0.0-12.4.45, 13.0.0-13.4.30, and 14.0.0-14.3.2, with no public exploit identified at time of analysis. The flaw exposes sensitive files such as logs, .htpasswd, and configuration material that would normally sit outside the managed file storage.

Path Traversal
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44751 HIGH This Week

Privilege escalation in SAP NetWeaver Application Server ABAP allows authenticated low-privilege users to invoke a report generation command that overwrites data belonging to other users, breaking tenant-level data integrity. The flaw stems from missing authorization checks (CWE-862) and carries a CVSS 7.1 rating with high integrity impact; no public exploit identified at time of analysis.

Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-47648 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Storage allows an authorized low-privilege user to gain higher privileges through an untrusted search path weakness (CWE-426). The flaw requires existing local access and a successful race or environmental manipulation, reflected in the high attack complexity. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-47293 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Office Click-To-Run stems from a use-after-free condition (CWE-416) that lets an authorized low-privilege user elevate to higher privileges on the host. The flaw, reported by Microsoft's MSRC, carries a CVSS 7.0 (AV:L/AC:H/PR:L) reflecting that exploitation requires local access, low privileges, and a successful race-window or memory-state condition. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Microsoft Use After Free Memory Corruption Denial Of Service 365 Apps +3
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45653 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel allows an authenticated low-privilege attacker to elevate to SYSTEM by triggering a use-after-free condition in kernel memory. The flaw carries a CVSS 7.0 rating with high attack complexity, and no public exploit identified at time of analysis. Exploitation requires a race condition or specific timing to be won, which constrains reliable weaponization but does not eliminate the risk on multi-user or shared Windows hosts.

Denial Of Service Heap Overflow Microsoft Buffer Overflow Windows 10 1607 +12
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-42984 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel allows an authorized low-privileged attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free condition in kernel memory. The flaw carries a CVSS 7.0 (High) rating with high attack complexity, and Microsoft has released a patch via MSRC; no public exploit identified at time of analysis. Successful exploitation breaks the local Windows security boundary, enabling full host compromise from any authenticated session.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-42911 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to elevate to SYSTEM via a use-after-free condition. The flaw affects Microsoft Windows installations using the standard WinSock kernel driver and has a vendor-released patch available through Microsoft's security update guide. No public exploit has been identified at time of analysis, though afd.sys has historically been a frequent target for elevation-of-privilege exploitation.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45487 HIGH PATCH This Week

Local privilege escalation in the Windows Program Compatibility Assistant (PCA) Service affects supported Windows 10, Windows 11, and Windows Server 2022/2025 builds through a TOCTOU race condition (CWE-367). An authenticated local attacker who wins the race window can elevate from a standard user context to higher privileges with full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and EPSS is very low (0.05%), but Microsoft has released patches across all affected branches.

Information Disclosure
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45647 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Defender for Endpoint for Mac (versions 101.0.0 through 101.26042.0010) allows an authenticated local attacker to win a time-of-check/time-of-use race and gain elevated privileges on the host. No public exploit identified at time of analysis, and EPSS is very low (0.05%), but SSVC rates technical impact as 'total' because successful exploitation yields full compromise of the endpoint security agent.

Information Disclosure Microsoft Defender For Endpoint
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45603 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to elevate to SYSTEM by winning a race condition that triggers a use-after-free. The flaw is reported by Microsoft (MSRC) and carries CVSS 7.0 with high attack complexity, but no public exploit is identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Microsoft Race Condition Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45601 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authenticated low-privileged attacker to win a race condition and gain SYSTEM-level execution. The flaw is a use-after-free triggered through concurrent WinSock operations, and at time of analysis no public exploit has been identified and the CVE is not on the CISA KEV list.

Denial Of Service Microsoft Race Condition Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45598 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to win a race condition and trigger a use-after-free, enabling code execution at kernel level. No public exploit identified at time of analysis, but AFD.sys has a long history of being a preferred LPE target and Microsoft has marked the issue as important. EPSS data was not provided in the source feed.

Denial Of Service Microsoft Race Condition Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45597 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows UI Automation Manager (uiamanager.dll) enables authenticated low-privileged users to gain higher privileges by exploiting a race condition in concurrent resource access. The flaw was reported by Microsoft's own security team (secure@microsoft.com) and has no public exploit identified at time of analysis, though the CVSS 7.0 score reflects high impact on confidentiality, integrity, and availability once successfully triggered.

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45596 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated local user to gain SYSTEM-level rights by winning a race condition that leads to a use-after-free in kernel memory. The flaw affects Windows installations where afd.sys is loaded (effectively all desktop and server SKUs) and was reported by Microsoft Security Response Center; no public exploit identified at time of analysis and the vulnerability is not listed on the CISA KEV catalog.

Denial Of Service Microsoft Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-44818 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Excel can be achieved by an unauthenticated attacker who tricks a user into opening a malicious spreadsheet that triggers an integer underflow condition. The flaw carries a CVSS 7.0 rating reflecting high attack complexity and required user interaction, and no public exploit identified at time of analysis. There is a notable mismatch between the description (integer underflow) and the assigned CWE-362 (race condition), which warrants verification with Microsoft's advisory.

Authentication Bypass Microsoft Race Condition 365 Apps Excel +5
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-42912 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Telephony Service allows an authenticated low-privileged attacker to elevate to higher privileges by exploiting a race condition in concurrent access to a shared resource. The flaw carries a CVSS 7.0 (High) rating with high attack complexity, and no public exploit identified at time of analysis. Successful exploitation grants full confidentiality, integrity, and availability impact on the affected host.

Information Disclosure Microsoft Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-42836 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Function Discovery Service (fdwsd.dll) allows an authorized low-privileged attacker on the host to win a race condition and obtain elevated privileges. Reported by Microsoft (secure@microsoft.com) and tracked under MSRC's update guide, the issue carries a CVSS 7.0 score driven by high impact across confidentiality, integrity, and availability, though the high attack complexity reflects the timing window required. No public exploit identified at time of analysis and the flaw is not currently listed in CISA KEV.

Information Disclosure Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
Prev Page 8 of 8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy