Skip to main content
CVE-2026-50687 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated, low-privileged attacker on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 corrupt kernel memory via a use-after-free and gain SYSTEM-level control. The CVSS 3.1 score of 8.8 is elevated by a scope change (S:C), reflecting that kernel compromise crosses the boundary from user context to the OS itself. Microsoft has released a patch; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-54121 HIGH PATCH NEWS Exploit Unlikely This Week

Privilege escalation in Microsoft Active Directory Certificate Services (AD CS) allows an authenticated network attacker to elevate privileges due to improper authorization (CWE-285) in certificate request/enrollment handling across Windows Server 2012 through 2025 and their Server Core installations. With a CVSS 3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N) and full high impact to confidentiality, integrity, and availability, a low-privileged domain user can abuse AD CS authorization checks to gain elevated rights, potentially up to domain compromise. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but AD CS abuse (ESC-class attacks) is a well-established, high-value target class.

Authentication Bypass Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 Windows Server 2012 Server Core Installation +9
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2026-50477 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an already-authenticated attacker corrupt heap memory (CWE-122) to run code with SYSTEM-level privileges. It affects a broad range of supported Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2012 through Server 2025). No public exploit identified at time of analysis, but the CVSS 8.8 rating and scope change make it a strong candidate for chaining after initial access.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-50474 HIGH PATCH NEWS This Week

Remote code execution in Microsoft's Remote Desktop Client (the RDP client, mstsc.exe, shipped across Windows 10, Windows 11, and Windows Server 2012 through 2025) allows an unauthorized attacker to run arbitrary code over the network by triggering a use-after-free memory-corruption condition. Exploitation requires the victim to connect to an attacker-controlled or compromised RDP endpoint (UI:R), after which the malicious server can corrupt client-side memory to achieve full code execution. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV; a vendor patch is available from Microsoft.

Use After Free Memory Corruption Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-50438 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft PC Manager lets an already-authenticated low-privileged user abuse improper symbolic/hard link resolution (CWE-59) to gain higher privileges, likely SYSTEM given the CVSS scope change. Rated CVSS 8.8, the flaw carries high confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available via MSRC.

Microsoft Information Disclosure Microsoft Pc Manager
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-50413 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Runtime (WinRT) via a use-after-free memory corruption flaw enables a locally authenticated low-privilege attacker to elevate to SYSTEM-level access on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The CVSS scope change (S:C) confirms the exploit crosses a security boundary, yielding full confidentiality, integrity, and availability impact beyond the originating process. No public exploit identified at time of analysis; Microsoft has released a patch via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-50385 HIGH PATCH This Week

Local privilege escalation in the Windows Runtime affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a race condition (CWE-362) in the improperly synchronized handling of a shared resource lets an already-authenticated attacker win a timing window to gain higher privileges. Microsoft reported and patched the issue; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 8.8 with scope-changed impact reflects that a low-privileged local user could reach full SYSTEM-level control of confidentiality, integrity, and availability.

Microsoft Race Condition Information Disclosure Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-50369 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Remote Desktop Services (RDS) lets an authenticated, low-privileged attacker elevate to higher privileges across a network by triggering a use-after-free (CWE-416) memory-corruption condition in the RDS component. The flaw spans a broad range of supported Windows client and server releases (Windows 10/11 and Windows Server 2012 through 2025). Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2026-50382 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in the Windows DirectX graphics component (CVE-2026-50382) lets an already-authenticated user run arbitrary code and, because the CVSS scope is Changed, break out of the calling security context to compromise the wider system. It affects a broad range of Windows client and server builds from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. Microsoft has issued a patch; there is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Microsoft Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-50398 HIGH PATCH This Week

Elevation of privilege in the Windows Media component of Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 allows an authenticated attacker to win a race condition and gain higher privileges over the network. The CVSS 3.1 score of 8.8 reflects low-privilege network exploitation with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and this CVE is not listed in CISA KEV, though Microsoft has released a patch.

Microsoft Race Condition Information Disclosure Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-50370 HIGH PATCH NEWS Exploit Likely This Week

Remote code execution in the Microsoft Windows DHCP Server role allows an unauthenticated, adjacent-network attacker to run arbitrary code by triggering a heap-based buffer overflow (CWE-122) in DHCP message parsing. Affected systems span Windows Server 2012 through Windows Server 2025 (including Server Core installations) plus the DHCP service on Windows 10 versions 1607 and 1809, with full confidentiality, integrity, and availability impact. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +11
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-50360 HIGH PATCH This Week

Privilege escalation in Microsoft Windows SMB Server allows an already-authenticated network attacker to elevate to higher privileges by abusing a flawed authentication algorithm, yielding high confidentiality, integrity, and availability impact. The flaw affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2022/2025 including Server Core. Reported by Microsoft with a patch available; no public exploit identified at time of analysis.

Microsoft Information Disclosure Windows 10 Version 21H2 Windows 10 Version 22H2 Windows 11 Version 24H2 +5
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-49178 HIGH PATCH This Week

Remote code execution in Microsoft Active Directory Domain Services (AD DS) allows an authenticated network attacker to run arbitrary code on domain controllers by triggering a heap-based buffer overflow (CWE-122). Affected platforms span Windows Server 2012 through 2025 (including Server Core) and Windows 10/11 clients acting in AD roles, with Microsoft-issued patches available. There is no public exploit identified at time of analysis and it is not on CISA KEV, but the CVSS 8.8 rating and the sensitivity of the domain-controller attack surface make this a high-priority patch.

Heap Overflow Buffer Overflow Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-58608 HIGH PATCH NEWS Exploit Unlikely This Week

Network code execution in the Windows Print Spooler service allows an authenticated attacker to win a synchronization race and run arbitrary code across a broad range of Windows client and server builds (Windows 10 1607 through Windows 11 26H1, and Windows Server 2012 through 2025). Microsoft rates it CVSS 8.8 with high confidentiality, integrity, and availability impact; a vendor patch is available, and there is no public exploit identified at time of analysis. Note that the CVE description and CVSS indicate remote code execution while the source tags label it 'Information Disclosure' — a discrepancy defenders should verify against the MSRC advisory.

Microsoft Race Condition Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-54999 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in the Microsoft Windows TCP/IP networking stack allows an unauthenticated attacker on the same physical or logical network segment to win a race condition and run arbitrary code on the target. The flaw spans a broad range of desktop and server builds from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through Server 2025. There is no public exploit identified at time of analysis, but Microsoft has confirmed the issue and shipped a patch, and the high CVSS (8.8) plus network-facing kernel component make it a priority to remediate.

Authentication Bypass Microsoft Race Condition Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-54982 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in the Windows Reliable Multicast Transport Driver (RMCAST) lets an unauthenticated attacker on the same network segment run arbitrary code by triggering an integer underflow (CWE-191) during multicast message processing. All supported Windows client and server builds from Windows Server 2012 through Windows Server 2025 and Windows 10 1607 through Windows 11 26H1 are affected. There is no public exploit identified at time of analysis, but the CVSS 8.8 adjacent-network unauthenticated profile and Microsoft's own reporting make this a high-priority patch.

Authentication Bypass Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2026-50663 HIGH PATCH Exploit Unlikely This Week

Remote code execution in Microsoft's Age of Empires II: Definitive Edition Game is possible via a relative path traversal flaw (CWE-23) that lets a network-based attacker execute arbitrary code once a victim loads attacker-supplied content. The vulnerability is rated CVSS 8.8 (AV:N/AC:L/PR:N/UI:R) and requires user interaction, meaning a player must open or load a malicious game asset such as a downloaded map, mod, recording, or scenario. Microsoft has released a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Path Traversal Age Of Empires Ii
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2026-10714 HIGH This Week

Authentication bypass in Rockwell Automation FactoryTalk Services Platform (FTSP) lets an authenticated low-privilege user forge JWT tokens during Okta Web Authentication because the application fails to enforce the RSA signing algorithm, permitting the classic 'alg:none' attack. A successful attacker can impersonate any authorized user, reaching system configuration and granting permissions to other systems that FTSP protects. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the alg:none technique is well documented and trivially reproducible once access is obtained.

Authentication Bypass Factorytalk Services Platform
NVD
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-9561 HIGH This Week

Log integrity spoofing in Eclipse Kura before 5.6.2 lets an unauthenticated remote attacker forge the client IP recorded in audit logs by supplying a crafted X-Forwarded-For header, because the Jetty ForwardedRequestCustomizer is installed unconditionally on every connector and getRemoteAddr() reflects the header value. This enables bypass of IP-based brute-force defenses like fail2ban (spoofing a non-routable source to evade bans) or a denial of service against a third party by injecting a victim IP so their address is banned. No public exploit is identified at time of analysis and it is not on CISA KEV; CVSS 4.0 base score is 8.8.

Denial Of Service Eclipse Kura
NVD VulDB
CVSS 4.0
8.8
EPSS
0.2%
CVE-2026-11403 HIGH PATCH This Week

Improper API key generation in Sonatype Nexus Repository Manager lets a remote attacker impersonate a targeted user and perform repository operations on their behalf. The flaw stems from insufficient entropy (CWE-331) in format-specific API key realms, so an attacker who can predict or reconstruct a victim's key gains their access without credentials. The vendor (Sonatype) reported and patched the issue in release 3.93.0; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Docker Authentication Bypass Node.js Nexus Repository Manager
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-8590 HIGH This Week

Information disclosure with integrity impact in the Spotfire Server modules of Spotfire Enterprise, Spotfire Enterprise with External Consumers, and Spotfire on Kubernetes allows a remote, unauthenticated attacker to obtain sensitive data and alter server-side state once a victim is lured into a passive interaction (UI:P), such as opening a crafted link or analysis. The CVSS 4.0 base score is 8.7 (High) with high confidentiality and integrity impact and low availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS was not provided.

Kubernetes Information Disclosure Spotfire Enterprise Spotfire Enterprise With External Consumers Spotfire On Kubernetes
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-15389 HIGH This Week

Broken object-level authorization in the Sesame Time web application and its REST v3 API lets remote attackers hijack another user's session by presenting a valid session identifier (USID), because the platform treats the USID as a bearer credential and never verifies that it belongs to the requester. Any attacker who obtains a valid USID can read a victim's confidential data - emails, user IDs, roles and corporate information - and the weakness is compounded by session sprawl, since new logins mint additional USIDs without invalidating prior ones. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Authentication Bypass Sesame Time
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-50328 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Windows Server Update Services (WSUS) lets a remote, unauthenticated attacker crash or disrupt the update service by triggering an uncaught exception over the network. The flaw affects WSUS across Windows Server 2012 through 2025 (plus Windows 10 1607/1809 servicing components), and the CVSS 3.1 availability-only vector (A:H) indicates service unavailability rather than data compromise. No public exploit identified at time of analysis, but a vendor patch is available and the flaw is network-reachable without authentication.

Authentication Bypass Microsoft Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 +10
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2026-50652 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Azure Active Directory (now Entra ID) allows a remote, unauthenticated attacker to disrupt service availability by sending crafted serialized data that triggers unsafe deserialization (CWE-502). The flaw carries a CVSS 7.5 (High) with a fully network-reachable, no-privilege, no-interaction vector, but impact is confined to availability - confidentiality and integrity are not affected. Microsoft has released a fix via MSRC; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Microsoft Deserialization Azure Active Directory
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2026-57108 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) allows a remote, unauthenticated attacker to crash or hang affected applications by triggering a type-confusion condition (CWE-843) over the network. The flaw was reported by Microsoft and a vendor patch is available via MSRC; there is no public exploit identified at time of analysis. The CVSS vector limits impact strictly to availability (A:H, C:N/I:N), meaning it is a service-disruption bug rather than a code-execution or data-exposure issue despite tag noise suggesting otherwise.

Authentication Bypass Memory Corruption Net 10 0 Net 8 0 Net 9 0
NVD VulDB
CVSS 3.1
7.5
EPSS
1.1%
CVE-2026-48310 HIGH This Week

Arbitrary file system read in Adobe Experience Manager (AEM as a Cloud Service, 6.5 LTS, and 6.5) lets remote unauthenticated attackers traverse outside the intended directory scope to retrieve sensitive files, per Adobe advisory APSB26-74. The CVSS 3.1 score of 8.6 is elevated by a changed scope (S:C), meaning the read reaches resources beyond the vulnerable component's security authority. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Path Traversal Adobe Adobe Experience Manager As A Cloud Service Adobe Experience Manager 6 5 Lts Adobe Experience Manager 6 5
NVD VulDB
CVSS 3.1
8.6
EPSS
0.6%
CVE-2026-15427 HIGH PATCH This Week

Root-level OS command injection in the TR-069/CWMP management client of the TP-Link Archer VX1800v v1 gateway lets an attacker who controls (or has compromised) the ACS provisioning server inject unsanitized parameters that the device executes as system-level commands. Because CWMP provisioning is trusted implicitly, a malicious or hijacked ACS can push crafted values that yield arbitrary command execution as root and full device takeover. No public exploit identified at time of analysis, and the flaw was reported by TP-Link itself; a firmware fix is available.

Command Injection Archer Vx1800V V1
NVD
CVSS 4.0
8.6
EPSS
0.5%
CVE-2026-59204 HIGH PATCH This Week

Denial of service in Python Pillow (versions 8.2.0 through 12.2.0) allows remote attackers to exhaust memory during JPEG2000 decoding, causing out-of-memory failures in any application that decodes untrusted images. The flaw stems from Pillow's JPEG2000 decoder summing tile widths across the whole image rather than per tile, so a small crafted tiled file forces disproportionately large transient allocations. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the upstream fix (12.3.0) and a public PR/commit make the root cause fully transparent.

Python Information Disclosure Pillow
NVD GitHub
CVSS 4.0
8.7
EPSS
0.4%
CVE-2026-12659 HIGH This Week

Remote denial-of-service in the Rockwell Automation FLEX 5000 EtherNet/IP adapter allows an unauthenticated network attacker to crash the module by sending a crafted CIP (Common Industrial Protocol) packet, halting the adapter and its associated I/O until a manual power cycle restores operation. The CVSS 4.0 score of 8.7 (High) reflects a network-reachable, no-privilege attack with high availability impact but no confidentiality or integrity loss. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV, so there is no confirmed active exploitation.

Information Disclosure The Flex 5000 Ethernet Ip Adapter
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-9653 HIGH This Week

Denial-of-service in Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT ControlLogix EtherNet/IP communication modules lets an unauthenticated network attacker drop active device connections by sending malformed CIP Implicit (I/O) Connection packets. Because CVSS 4.0 rates only availability impact (VC:N/VI:N/VA:H) and connections recover immediately once the traffic stops, the flaw enables repeatable disruption rather than persistent outage or code execution. No public exploit identified at time of analysis, and the module is not in CISA KEV.

Information Disclosure 1756 En2 1756 En3 1756 Enbt
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-10573 HIGH This Week

Remote denial-of-service in Rockwell Automation's 1734 POINT I/O module allows unauthenticated network attackers to force the module into a faulted state by sending specially crafted CIP (Common Industrial Protocol) messages, halting I/O processing until a manual restart is performed. The CVSS 4.0 base score of 8.7 reflects a high availability impact against a network-reachable OT device with no privileges or user interaction required. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Denial Of Service 1734 Point I O
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-9140 HIGH This Week

Denial-of-service in the Rockwell Automation 1719-AENTR (and companion 1718-AENTR) EtherNet/IP adapter allows remote attackers to overload the device with a UDP unicast network storm, causing loss of communication that requires a manual power cycle to recover. The CVSS 4.0 score of 8.7 reflects a high availability impact reachable over the network with no privileges or user interaction. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but the low attack complexity makes it a real operational-technology availability concern.

Denial Of Service 1718 Aentr 1719 Aentr
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-48252 HIGH This Week

Missing authentication in Adobe Experience Manager (AEM as a Cloud Service, 6.5, and 6.5 LTS) lets a remote unauthenticated attacker reach a critical function directly, bypassing a security control to gain unauthorized write access. The CVSS 8.6 rating and scope-change flag indicate impact can extend beyond the initially vulnerable component, though only integrity is affected (no confidentiality or availability loss). No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Authentication Bypass Adobe Adobe Experience Manager As A Cloud Service Adobe Experience Manager 6 5 Lts Adobe Experience Manager 6 5
NVD VulDB
CVSS 3.1
8.6
EPSS
0.4%
CVE-2026-15428 HIGH PATCH This Week

OS command injection in the TP-Link Archer VX1800v (v1) router lets an adjacent, high-privileged attacker inject shell metacharacters through the domain name parameter of an HTTP management interface, yielding arbitrary command execution as root and full device takeover. The flaw scores CVSS 4.0 8.5 (High) and a vendor firmware patch is available; no public exploit identified at time of analysis. Note a naming discrepancy in the source data - the free-text description says 'VX800v' while the CPE and tags reference 'VX1800V' - so verify the exact affected model against the TP-Link advisory before acting.

RCE Command Injection Archer Vx1800V V1
NVD
CVSS 4.0
8.5
EPSS
0.9%
CVE-2026-15720 HIGH This Week

Denial of service in Open5GS (open-source 5G/EPC core) through version 2.7.7 lets remote unauthenticated attackers crash the AMF by sending a malformed NAS 5GS mobile-identity information element, triggering a heap out-of-bounds read before authentication completes. Because the AMF handles mobility management for the entire network, a single crafted pre-authentication message can produce a subscriber-wide outage rather than affecting only the sender. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV, but the pre-auth network-reachable nature makes it a high-priority availability issue for anyone running Open5GS in production.

Buffer Overflow Denial Of Service Information Disclosure Open5gs
NVD GitHub
CVSS 3.1
8.6
EPSS
0.4%
CVE-2026-47302 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) and the legacy .NET Framework (3.5 through 4.8.1) allows a remote unauthenticated attacker to exhaust server resources over the network, causing availability loss. The flaw stems from missing limits or throttling on resource allocation (CWE-770), and Microsoft has released a patch via MSRC. There is no public exploit identified at time of analysis, and EPSS/KEV data were not supplied, so this appears to be a proactively patched issue rather than one under active exploitation.

Denial Of Service Net 10 0 Net 8 0 Net 9 0 Microsoft Net Framework 3 5 +8
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-56170 HIGH PATCH Exploit Unlikely This Week

Denial of service in ASP.NET Core (the web framework shipped with .NET 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker exhaust server resources by triggering unbounded allocations over the network. Because affected requests are not throttled or capped, a single crafted request stream can degrade availability of the hosting process without any authentication or user interaction. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and no CISA KEV listing.

Denial Of Service Net 10 0 Net 8 0 Net 9 0
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-45646 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft's OData libraries for ASP.NET/ASP.NET Core (Microsoft.AspNet.OData and Microsoft.AspNetCore.OData) allows a remote, unauthenticated attacker to exhaust server resources over the network, degrading or crashing the hosting web application (CVSS 7.5, availability-only impact). The flaw stems from resource allocation without limits or throttling (CWE-770), so a crafted request stream forces excessive consumption of CPU, memory, or connections. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Aspnet Odata Aspnetcore Odata
NVD VulDB
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-50653 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Azure Active Directory (Entra ID) allows a remote unauthenticated attacker to send network traffic that drives affected processing into an infinite loop (CWE-835), exhausting resources and disrupting availability of the identity service. The flaw carries CVSS 7.5 with a high-availability impact, no confidentiality or integrity effect, and no public exploit identified at time of analysis. Microsoft has released a fix, which for this cloud-hosted service is applied server-side by the vendor.

Microsoft Denial Of Service Azure Active Directory
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-50506 HIGH PATCH Exploit Unlikely This Week

Uncontrolled resource allocation in Microsoft's ASP.NET Core OData libraries (Microsoft.AspNetCore.OData and Microsoft.AspNet.OData) lets a remote, unauthenticated attacker exhaust server resources and cause a denial of service over the network. Any web application or API exposing OData query endpoints built on the affected packages is at risk, and the CVSS 7.5 rating reflects a high-availability impact with no confidentiality or integrity compromise. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Denial Of Service Aspnet Odata Aspnetcore Odata
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-48350 HIGH This Week

Arbitrary code execution in Adobe Animate 2023 and 2024 stems from a path traversal weakness triggered when a victim opens a maliciously crafted file, letting an attacker run code in the context of the current user and reach files or directories outside intended restrictions. The flaw carries a CVSS 3.1 base score of 8.6 with a changed scope, reflecting impact beyond the initially vulnerable component. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation risk hinges on social-engineering a user into opening a rogue project file.

Path Traversal RCE Adobe Animate 2023 Adobe Animate 2024
NVD
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-48275 HIGH This Week

Illustrator is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.

RCE Illustrator
NVD
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-50524 HIGH PATCH Exploit Unlikely This Week

Remote denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) allows an unauthenticated network attacker to crash or hang the runtime by sending crafted input that fails proper type validation (CWE-1287). The flaw carries a CVSS 7.5 rating driven entirely by availability impact (A:H) with no confidentiality or integrity loss, and no public exploit has been identified at time of analysis. Microsoft has released a patch; there is no indication of active exploitation.

Authentication Bypass Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2026-50651 HIGH PATCH Exploit Unlikely This Week

Network denial of service in Microsoft .NET 8.0, 9.0, and 10.0 (and the corresponding Visual Studio 2022/2026 tooling) allows an unauthorized remote attacker to exhaust system resources and render affected applications unavailable. The flaw stems from allocation of resources without limits or throttling, meaning a single crafted network interaction can trigger disproportionate resource consumption. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2026-50648 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft .NET (including .NET 8.0/9.0/10.0 and .NET Framework 3.5 through 4.8.1) lets a remote unauthenticated attacker exhaust server resources by sending crafted network traffic that triggers unbounded resource allocation. Rated CVSS 7.5 with availability-only impact, it affects default configurations of network-facing .NET applications; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Net 10 0 Net 8 0 Net 9 0 Microsoft Net Framework 3 5 +8
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2026-50527 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) and .NET Framework (3.5 through 4.8.1) allows a remote, unauthenticated attacker to crash affected applications by triggering a stack-based buffer overflow (CWE-121) over the network. The flaw impacts availability only - there is no confidentiality or integrity loss and no code execution per the CVSS vector (A:H, C:N, I:N). Microsoft has published an advisory with fixes; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Buffer Overflow Stack Overflow Net 10 0 Net 8 0 Net 9 0 +9
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2026-50525 HIGH PATCH Exploit Unlikely This Week

Network-based denial of service in Microsoft .NET 8.0, 9.0, and 10.0 allows an unauthenticated remote attacker to exhaust server resources and render applications unresponsive by exploiting uncontrolled resource allocation (CWE-770) in the runtime. The flaw carries CVSS 7.5 (availability-only impact) and affects the shared .NET runtime that underpins ASP.NET Core web services, so any internet-facing .NET workload is exposed. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a fix.

Denial Of Service Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2026-54628 HIGH POC GHSA This Week

Server-Side Request Forgery in Anyquery's server mode (versions < 0.4.5) lets remote attackers who reach the MySQL-compatible listener force the server to fetch arbitrary URLs through its built-in SQLite virtual table modules (json_reader, log_reader), which internally use go-getter. Because the server accepts MySQL connections without authentication and applies no allow/deny list on fetch targets, an attacker can CREATE VIRTUAL TABLE against internal endpoints or the cloud metadata IP (169.254.169.254) and read the response as a table, bypassing external firewalls to scan internal services and exfiltrate cloud IAM credentials. Publicly available exploit code exists (a working PoC is embedded in the vendor advisory); there is no CISA KEV listing or EPSS score in the provided data.

Authentication Bypass SSRF
NVD GitHub
CVSS 3.1
8.6
CVE-2026-59835 HIGH This Week

Exposure of a scanning VM's VNC service in Fortinet FortiSandbox 5.0.0-5.0.2 and 4.4.3-4.4.8 lets an unauthenticated remote attacker reach the VNC server of the sandbox virtual machines used for malware detonation via ordinary network requests. Because these VMs run and observe live malware samples, unauthorized VNC access can expose sensitive analysis sessions and potentially allow interaction with the detonation environment. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Fortinet Information Disclosure Fortisandbox
NVD
CVSS 3.1
8.6
EPSS
0.4%
CVE-2026-59841 HIGH This Week

Privilege escalation in Fortinet FortiSIEM Windows Agent 7.4.0 through 7.4.1 stems from an improper restriction of the agent's communication channel (CWE-923), letting an adjacent-network attacker interact with an endpoint that should be limited to trusted parties and thereby gain elevated privileges with full confidentiality, integrity, and availability impact. The flaw was disclosed by Fortinet PSIRT (FG-IR-26-155) and carries a CVSS 7.5 rating; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation is gated by high attack complexity, which materially reduces real-world likelihood despite the unauthenticated vector.

Fortinet Privilege Escalation Fortisiemwindowsagent
NVD
CVSS 3.1
7.5
EPSS
0.1%
Prev Page 3 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy