Skip to main content
CVE-2026-57973 MEDIUM PATCH Exploit Unlikely This Month

Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally.

Microsoft Information Disclosure Windows Subsystem For Linux Wsl2
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2026-55145 MEDIUM PATCH This Month

Improper neutralization of special elements used in a command ('command injection') in Outlook Copilot allows an authorized attacker to perform tampering over a network.

Microsoft Command Injection Microsoft Copilot
NVD
CVSS 3.1
6.3
EPSS
0.4%
CVE-2026-50374 MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges with a physical attack.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2026-50375 MEDIUM PATCH Exploit Likely This Month

Heap-based buffer overflow in Windows DirectX allows an authorized attacker to elevate privileges locally.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 +9
NVD
CVSS 3.1
6.3
EPSS
1.5%
CVE-2026-50420 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
6.2
EPSS
0.4%
CVE-2026-49807 MEDIUM PATCH Exploit Unlikely This Month

Exposure of sensitive information to an unauthorized actor in Windows DirectX allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
6.2
EPSS
0.4%
CVE-2026-50294 MEDIUM PATCH Exploit Unlikely This Month

Exposure of sensitive system information to an unauthorized control sphere in Windows Kernel allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
6.2
EPSS
0.4%
CVE-2026-48000 MEDIUM This Month

Adobe Commerce is affected by an Improper Redirect (Open Redirect) vulnerability that could result in a Security feature bypass. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site, potentially enabling credential theft and account takeover. Exploitation of this issue requires user interaction in that a victim must click on a malicious link.

Open Redirect Adobe Adobe Commerce Adobe Commerce B2B Magento Open Source +1
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2026-48302 MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48296 MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa C2Pa Web C2Patool
NVD VulDB
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48357 MEDIUM This Month

CAI Content Credentials is affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48354 MEDIUM This Month

CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-48298 MEDIUM This Month

CAI Content Credentials is affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

Denial Of Service Integer Overflow C2Pa C2Pa Web C2Patool
NVD
CVSS 3.1
6.2
EPSS
0.2%
CVE-2026-24271 MEDIUM This Month

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API, where an attacker could cause allocation of GPU resources without limits or throttling. A successful exploit of this vulnerability might lead to denial of service.

Nvidia Denial Of Service Tensorrt Llm
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2026-47475 MEDIUM This Month

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API where an attacker could trigger a reachable assertion in the sampler thread. A successful exploit of this vulnerability might lead to denial of service.

Nvidia Denial Of Service Tensorrt Llm
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2026-47470 MEDIUM This Month

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service.

Nvidia Denial Of Service Tensorrt Llm
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2026-0515 MEDIUM This Month

Insufficient Parameter Validation in the SchedGet() system call could allow an attacker with local access to cause a crash of the QNX Neutrino kernel.

Denial Of Service Qnx Software Development Platform Qnx Os For Safety Qnx Os For Medical
NVD VulDB
CVSS 3.1
6.2
EPSS
0.1%
CVE-2026-57095 MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an unauthorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
6.2
EPSS
0.5%
CVE-2026-54988 MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Excel 2016 +7
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2026-50661 MEDIUM POC PATCH Exploit Unlikely This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Authentication Bypass Microsoft Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +11
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2026-50495 MEDIUM PATCH Exploit Unlikely This Month

Local tampering in Windows DNS via improper access control (CWE-284) allows a low-privilege authenticated local user to manipulate DNS configuration or records across a broad range of Windows 10, Windows 11, and Windows Server releases. The CVSS vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L) confirms exploitation requires only a valid local account with no elevated privileges, yielding high integrity impact with minimal availability disruption and no direct confidentiality exposure. No public exploit code or CISA KEV listing has been identified at time of analysis, but the 'Authentication Bypass' advisory tag suggests DNS tampering may enable downstream bypass of authentication mechanisms dependent on DNS resolution, potentially amplifying the effective impact beyond the raw CVSS score.

Authentication Bypass Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2026-50453 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

Buffer Overflow Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2026-50383 MEDIUM PATCH Exploit Unlikely This Month

Buffer over-read in Windows Print Spooler Components allows an authorized attacker to disclose information locally.

Buffer Overflow Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2026-49174 MEDIUM PATCH This Month

Missing authentication for critical function in Microsoft Windows DNS allows an authorized attacker to perform tampering locally.

Authentication Bypass Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2026-23573 MEDIUM This Month

Reflected or stored cross-site scripting in Fortinet FortiOS, FortiPAM, and FortiProxy web interfaces allows a remote unauthenticated attacker to execute JavaScript in the browser session of an authenticated administrator via crafted HTTP requests. The CVSS temporal metric E:P confirms publicly available proof-of-concept exploit code exists, and the RL:O metric confirms Fortinet has released an official fix. No active exploitation has been confirmed by CISA KEV at time of analysis, but the combination of a POC and the high-value targets (network security appliances and privileged access management systems) elevates real-world risk beyond what the base CVSS score of 6.1 suggests.

Fortinet XSS Fortios Fortiproxy Fortipam
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2026-44767 MEDIUM PATCH This Month

CSS stylesheet injection in SAP @ui5/webcomponents-base allows unauthenticated remote attackers to load arbitrary cross-origin stylesheets into victim pages by bypassing the sap-allowed-theme-origins allowlist enforcement inside setThemeRoot(). The ?sap-themeRoot URL query parameter is a direct delivery vector, making socially-engineered exploitation trivial - no authentication is required from the attacker (CVSS PR:N), only a victim page load (UI:R). Successful exploitation enables UI redressing, clickjacking, phishing overlays, visual defacement, and limited CSS attribute-selector-based data exfiltration; no public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

SAP Authentication Bypass Ui5 Webcomponents Base
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2026-44759 MEDIUM This Month

Reflected cross-site scripting in SAP NetWeaver Enterprise Portal enables unauthenticated remote attackers to inject arbitrary JavaScript into URL parameters that are echoed back unencoded in server responses. When a victim with an active portal session visits a crafted URL, the injected script executes in their browser under the portal's origin, permitting session token theft, unauthorized manipulation of portal content, or forced redirection to attacker-controlled resources. No public exploit code has been identified at time of analysis and no CISA KEV listing exists, though the unauthenticated network-accessible attack surface and low complexity make phishing-based delivery operationally straightforward.

SAP XSS Sap Netweaver Enterprise Portal
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2026-50324 MEDIUM PATCH Exploit Unlikely This Month

Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 R2 Windows Server 2012 R2 Server Core Installation +7
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2026-54429 MEDIUM This Month

Denial of service in Siemens SIMATIC S7-PLCSIM Advanced (all versions) allows an unauthenticated attacker on the same local network segment to exhaust the application's memory by flooding it with high-volume multicast traffic, rendering the PLC simulation instance inaccessible until manually restarted. Exploitation is limited to instances running a specific active project configuration, and no project data is lost. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Simatic S7 Plcsim Advanced
NVD
CVSS 4.0
6.0
EPSS
0.2%
CVE-2026-12588 MEDIUM This Month

Denial of Service in Trellix HX (versions 10.0.0 and earlier) allows an authenticated network attacker to exhaust appliance resources by submitting a specially crafted highly-compressed file to the HX console, triggering the product's own detection engine to perform runaway decompression. The impact is limited to availability - the EDR appliance becomes unresponsive - but disruption of an endpoint detection and response platform carries secondary operational risk by creating a monitoring blind spot. No public exploit code has been identified at time of analysis, and no CISA KEV listing exists.

Denial Of Service
NVD
CVSS 4.0
6.0
EPSS
0.2%
CVE-2026-58638 MEDIUM PATCH Exploit Likely This Month

Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

Authentication Bypass Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +14
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2026-15712 MEDIUM This Month

Heap buffer over-read in libsoup's HTTP/2 GOAWAY frame parser allows remote unauthenticated attackers to crash applications or leak heap memory fragments by sending a malformed frame with a non-NUL-terminated Additional Debug Data payload. Affected deployments include applications built on libsoup running on Red Hat Enterprise Linux 10 that accept or initiate HTTP/2 connections. A proof-of-concept exists per SSVC data, though exploitation is rated non-automatable and this vulnerability is not listed in the CISA KEV catalog at time of analysis.

Buffer Overflow Denial Of Service Information Disclosure Red Hat Enterprise Linux 10
NVD VulDB
CVSS 3.1
5.9
EPSS
0.5%
CVE-2026-15713 MEDIUM This Month

A vulnerability was found in libsoup's HTTP/2 protocol implementation. The library fails to correctly release memory context blocks under specific stream termination conditions, such as when an HTTP/2 connection encounters window exhaustion or explicit stream resets. A remote, unauthenticated attacker acting as a malicious network peer can trick the connection engine into allocating stream states that are subsequently leaked during cleanup. Over a sustained period, this flaw allows the remote attacker to consume the system's heap allocations incrementally, triggering a denial of service (DoS) through an ultimate Out-of-Memory (OOM) application crash.

Denial Of Service Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 +1
NVD VulDB
CVSS 3.1
5.9
EPSS
0.3%
CVE-2026-48308 MEDIUM This Month

Premiere Pro is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. Scope is changed.

Authentication Bypass Premiere
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2026-47997 MEDIUM This Month

Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.

Authentication Bypass Adobe Adobe Commerce Adobe Commerce B2B Magento Open Source +1
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2026-47998 MEDIUM This Month

Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.

Authentication Bypass Adobe Adobe Commerce Adobe Commerce B2B Magento Open Source +1
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2026-56649 MEDIUM PATCH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Network File System allows an unauthorized attacker to execute code over a network.

Authentication Bypass Microsoft Race Condition Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2026-15738 MEDIUM PATCH This Month

Incorrect behavior order in the Gateway API listener-rule generation in Amazon AWS Load Balancer Controller before 3.4.2 might allow an authenticated remote user to intercept, spoof, or deny another namespace's gRPC traffic on a shared Gateway via a crafted HTTPRoute resource. To mitigate this issue, users should upgrade to version 3.4.2.

Information Disclosure Aws Load Balancer Controller
NVD GitHub
CVSS 4.0
5.8
EPSS
0.4%
CVE-2026-62655 MEDIUM PATCH This Month

Stack-based buffer overflow in multiple NETGEAR Orbi mesh WiFi models (RBR860, RBRE950/960, RBE970/971, RBS860, RBSE950/960) enables an unauthenticated adjacent-network attacker to crash or force a restart of the affected device, causing a loss of network connectivity. The root cause is CWE-121 (stack-based buffer overflow), meaning a crafted network payload can overwrite stack memory and destabilize the device process. The CVSS 4.0 supplemental metric E:P indicates a proof-of-concept exploit exists, elevating practical risk despite the moderate base score of 5.7.

Buffer Overflow Stack Overflow Netgear Rbr860 Rbre950 +6
NVD
CVSS 4.0
5.7
EPSS
0.2%
CVE-2026-57083 MEDIUM PATCH This Month

Use of uninitialized resource in Microsoft Windows Codecs Library allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55027 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55047 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-56184 MEDIUM PATCH Exploit Unlikely This Month

Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows 10 Version 21H2 Windows 10 Version 22H2 Windows 11 Version 24H2 +5
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-50389 MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +11
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-55046 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Excel 2016 +7
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-48580 MEDIUM PATCH Exploit Unlikely This Month

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Excel 2016 Microsoft Office 2019 +6
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-50475 MEDIUM PATCH Exploit Likely This Month

Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally.

Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-56195 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office exposes sensitive memory contents to a local, unauthenticated attacker who can induce a user to open a malicious document. Affected products span the full current Office portfolio - Office 2016 through LTSC 2024 on both Windows and macOS - making the blast radius broad despite the local attack vector. No public exploit identified at time of analysis and SSVC classifies exploitation as none and not automatable, though the high confidentiality impact (C:H) and near-universal deployment of Office keep this a meaningful patching priority.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +6
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-56192 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55042 MEDIUM PATCH This Month

Uninitialized memory disclosure in Microsoft Office exposes sensitive data locally when a user interacts with a crafted document. The vulnerability, rooted in CWE-908 (Use of Uninitialized Resource), affects the full breadth of current Office deployments across Windows and macOS, including Office 2016 through LTSC 2024 and Microsoft 365 Apps for Enterprise. No public exploit code has been identified at time of analysis, and SSVC signals confirm no observed exploitation; however, the High confidentiality impact warrants prompt patching given Office's ubiquitous deployment footprint.

Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 Microsoft Office 2019 +5
NVD
CVSS 3.1
5.5
EPSS
0.4%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy