Arbitrary code execution in Adobe Media Encoder is possible through an out-of-bounds write triggered when a victim opens a maliciously crafted media file, running attacker code in the context of the current user. The flaw was reported by Adobe and is addressed in advisory APSB26-72; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation hinges on user interaction (opening the file) and yields high impact to confidentiality, integrity, and availability.
Arbitrary code execution in Adobe Bridge is possible through an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted file, running attacker code in the context of the current user. All versions covered by Adobe advisory APSB26-81 are affected, and while there is no public exploit identified at time of analysis, the local user-interaction attack pattern is consistent with weaponized document/asset lures. The CVSS 7.8 (High) rating reflects full confidentiality, integrity, and availability impact once a victim is socially engineered into opening the file.
Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. No public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe patched it in advisory APSB26-81.
Arbitrary code execution in Adobe After Effects arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted project or media file, running attacker code with the privileges of the current user. Adobe self-reported the flaw in advisory APSB26-78; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 7.8 (High) rating reflects high confidentiality, integrity, and availability impact but is gated by required user interaction and local file delivery.
Arbitrary code execution in Adobe Premiere Pro via an out-of-bounds write (CWE-787) that lets an attacker run code in the context of the current user when a victim opens a maliciously crafted project or media file. The flaw is memory-corruption based and file-driven, requiring user interaction rather than network exposure; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS data was not provided, but the local, user-interaction-gated vector places this in the file-format/client-side attack category typical of Adobe desktop products.
Arbitrary code execution in Adobe Media Encoder arises from an out-of-bounds write (CWE-787) that lets a crafted media file corrupt memory and run attacker-controlled code in the context of the current user. Any user who opens a malicious file in the affected desktop application is at risk, with full loss of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Code execution in NVIDIA TensorRT is possible when the SDK processes a maliciously crafted input that overflows a heap-based buffer (CWE-122), corrupting adjacent heap memory. The flaw affects the TensorRT deep-learning inference library and requires a local user to load attacker-supplied content, per the AV:L/UI:R CVSS vector; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Successful exploitation yields full loss of confidentiality, integrity, and availability (C:H/I:H/A:H) in the context of the process running the inference job.
Improper array index validation (CWE-129) in NVIDIA TensorRT allows an attacker to trigger out-of-bounds memory access that may lead to arbitrary code execution when a victim processes malicious input on the local host. The CVSS 3.1 vector (AV:L/UI:R) indicates the target must actively load attacker-controlled content, so exploitation hinges on tricking a user or automated pipeline into ingesting a crafted model or input file. There is no public exploit identified at time of analysis and the CVE is not in CISA KEV, but with high confidentiality, integrity, and availability impact this is a meaningful priority for AI/ML inference environments.
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Local arbitrary code execution in Adobe Creative Cloud Desktop lets a low-privileged user run code in the context of the current user by exploiting an uncontrolled search path (CWE-427) — the class of flaw where an application loads a library or executable from an attacker-influenced directory. Adobe (CVE-2026-48272) rates it CVSS 7.8, but the vector is local with high attack complexity and requires existing low-level privileges, and exploitation depends on conditions beyond the attacker's control. No public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a defense-in-depth patch rather than an emergency.
Security feature bypass in Adobe ColdFusion allows a low-privileged, network-based attacker to defeat access controls and obtain unauthorized read access to data outside their intended authorization boundary. Adobe PSIRT classifies the root cause as improper input validation and tags it an authentication bypass; the CVSS 3.1 score is 7.7 with a changed scope, reflecting impact that crosses a security boundary. No public exploit has been identified at time of analysis, and no EPSS or CISA KEV data was provided.
Local privilege escalation to arbitrary code execution affects the Adobe Creative Cloud Desktop application through a Time-of-check Time-of-use (TOCTOU) race condition, letting a low-privileged local attacker execute code and - because the CVSS scope is changed - impact resources beyond the initial security context. No user interaction is required, but the race is hard to win: exploitation depends on conditions beyond the attacker's control, reflected in the high attack complexity. At time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, allowing an attacker to run code in the context of the current user. The flaw is Adobe-reported (advisory APSB26-71) and carries a CVSS 7.8 (High) rating; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, weaponization depends on social engineering rather than remote automated attack.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. The CVSS 3.1 base score is 7.8 (local vector, requires user interaction), and no public exploit has been identified at time of analysis. Reported by Adobe via advisory APSB26-71.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (memory corruption) that runs in the context of the current user when a victim opens a maliciously crafted media/project file. All affected versions covered by Adobe advisory APSB26-71 are impacted, and while no public exploit has been identified at time of analysis, the local attack vector with required user interaction makes it a classic file-format weaponization risk. The CVSS 7.8 (High) reflects full confidentiality, integrity, and availability impact once the file is opened.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code in the context of the current user. The flaw was reported by Adobe and is documented in advisory APSB26-71; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, it is a file-format/client-side memory-corruption issue rather than a remotely-triggerable server flaw.
Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a user opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. Affects Adobe Audition and was reported by Adobe under advisory APSB26-71. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS not provided.
Local privilege escalation in the Windows Cloud Files Mini Filter Driver (cldflt.sys) allows an authenticated low-privileged user to elevate to SYSTEM by triggering a use-after-free memory corruption condition. The flaw affects a broad range of Windows client and server releases (Windows 10 1809 through Windows 11 26H1, and Windows Server 2019 through 2025) and was reported by Microsoft. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Local code execution in Microsoft Windows' Resilient File System (ReFS) driver lets an attacker run arbitrary code by inducing a victim to mount or open a maliciously crafted ReFS volume. The flaw is a heap-based buffer overflow (CWE-122) in ReFS metadata parsing affecting Windows 10, Windows 11 (through 26H1), and Windows Server 2016-2025. CVSS is 7.8 (AV:L/UI:R); there is no public exploit identified at time of analysis and it is not in CISA KEV, so exploitation would require crafting a malicious volume and social-engineering the user to attach it.
Local privilege escalation in the Windows Runtime (WinRT) affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2022/2025, where a race condition in shared-resource handling lets an already-authenticated local user win a timing window to gain higher privileges. Reported by Microsoft with a patch available; there is no public exploit identified at time of analysis and the CVSS base score is 7.8 (High). Note that Microsoft's tags label this as Information Disclosure while the description and CVSS impact metrics describe full privilege elevation - this discrepancy should be verified against the vendor advisory.
Local privilege escalation in Microsoft's Windows Subsystem for Linux (WSL2) allows a low-privileged authenticated user on the Windows host to elevate to higher privileges by triggering a buffer over-read (CWE-126). Microsoft (the reporting vendor) has released a fix via MSRC, and there is no public exploit identified at time of analysis. With a CVSS 3.1 base score of 7.8 and full high impact to confidentiality, integrity and availability, it is a meaningful local EoP but requires prior code-execution access on the machine.
Local privilege escalation in Microsoft Windows Routing and Remote Access Service (RRAS) allows an authenticated low-privileged attacker to elevate to SYSTEM by triggering a heap-based buffer overflow (CWE-122). The flaw affects a broad range of Windows client and server versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 R2 through Server 2025. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available.
Local privilege elevation in the Windows Extensible Storage Engine (ESENT) database library allows an already-authenticated low-privileged user on affected Windows 10 1809, Windows Server 2019, 2022, and 2025 systems to gain higher privileges, with full loss of confidentiality, integrity, and availability. The flaw stems from improper access control (CWE-284) in a core OS component that services many system databases. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local privilege escalation in the Windows Network File System (NFS) component allows an authenticated attacker to elevate to SYSTEM by triggering a heap-based buffer overflow (CWE-122). Reported by Microsoft and affecting a broad range of Windows 10, Windows 11, and Windows Server 2012-2025 releases, with a vendor patch available via MSRC. No public exploit identified at time of analysis, and no CISA KEV listing.
Local code execution in Microsoft Windows Media Foundation (CWE-122 heap-based buffer overflow) lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted media file or content that the platform parses. It affects a broad range of Windows client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local privilege escalation in the Windows NTFS file system driver allows an authenticated low-privileged user to gain SYSTEM-level rights by triggering an integer overflow (CWE-190) during filesystem processing. It affects a broad range of supported Windows client and server releases, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; a vendor patch is available from Microsoft.
Local privilege escalation in the Windows NTFS driver lets an already-authenticated attacker corrupt heap memory to run code at a higher privilege level (typically SYSTEM) on affected Windows 10, Windows 11, and Windows Server builds. Microsoft reported the issue and has shipped a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. With CVSS 7.8 (AV:L/PR:L) it is a valuable post-compromise pivot rather than an initial-access bug.
Local privilege escalation in the Win32k GRFX subsystem across Windows 10, Windows 11, and Windows Server 2012 through 2025 lets an authenticated low-privileged local attacker elevate to SYSTEM by triggering an out-of-bounds read (CWE-125). The flaw was reported internally by Microsoft, a vendor patch is available via MSRC, and there is no public exploit identified at time of analysis. CVSS is 7.8 (High), reflecting a local vector with low complexity and low privileges required.
Local code execution in Microsoft Office Excel (across Microsoft 365 Apps for Enterprise, Office LTSC 2021/2024, and their macOS counterparts) arises from a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted spreadsheet. An unauthorized attacker can achieve arbitrary code execution in the context of the current user, gaining high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but a vendor patch is available from Microsoft.
Local code execution in Microsoft Office Excel (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted spreadsheet. The flaw stems from use of an uninitialized resource (CWE-908) and carries a CVSS 7.8; it requires user interaction (opening the file) and no prior privileges. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a vendor patch is available.
Local code execution in Microsoft Excel (Office 2016 through Office LTSC 2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code when a victim opens a maliciously crafted spreadsheet. The flaw is a heap-based buffer overflow (CWE-122) triggered during file parsing, giving full confidentiality, integrity, and availability impact in the user's context. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation currently appears theoretical rather than active.
Local code execution in Microsoft Office Excel (across Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and Office Online Server) stems from a heap-based buffer overflow (CWE-122) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Rated CVSS 7.8 with no privileges required but mandatory user interaction, successful exploitation yields full confidentiality, integrity, and availability impact in the context of the victim user. There is no public exploit identified at time of analysis and it is not on the CISA KEV list, but Microsoft has released a patch.
Local code execution in Microsoft Excel (and the broader Office 2016/2019/LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server family) results from a stack-based buffer overflow triggered when a victim opens a maliciously crafted spreadsheet. An attacker who convinces a user to open a booby-trapped file can run arbitrary code in the context of that user, with full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not on CISA KEV, but the ubiquity of Excel and Microsoft's own advisory make this a routine patch-Tuesday-class priority.
Arbitrary local code execution in Microsoft Office Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the Office for Mac editions, and Office Online Server) lets an attacker run code in the current user's context when a victim opens a maliciously crafted spreadsheet. The flaw is an untrusted pointer dereference (CWE-822) triggered during file parsing; it requires user interaction but no prior privileges. No public exploit is identified at time of analysis, and a vendor patch is available from Microsoft (MSRC).
Local privilege escalation in Windows Runtime (WinRT) across Windows 10, Windows 11, and Windows Server 2019 through 2025 allows an already-authenticated attacker to win a race condition and gain SYSTEM-level privileges. The flaw stems from concurrent access to a shared resource without proper synchronization, and full C:H/I:H/A:H impact indicates complete host compromise once triggered. Reported by Microsoft with a patch available; no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Local privilege escalation in the Microsoft Windows Search Component affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a heap-based buffer overflow lets an already-authenticated local attacker corrupt memory and elevate to higher privileges (up to SYSTEM). The CVSS 3.1 score of 7.8 reflects local-only attack with low privileges required and no user interaction, yielding full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local privilege escalation in Windows Active Directory across a broad range of Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2012 through 2025) allows an authenticated local attacker to elevate privileges by triggering an integer overflow (CWE-190). Successful exploitation yields high confidentiality, integrity, and availability impact, effectively enabling escalation to SYSTEM-level control on the affected host. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has issued a patch via MSRC.
Local privilege escalation in Microsoft Windows Media (a component shipping in Windows 11 versions 24H2, 25H2, and 26H1) lets an authenticated local attacker execute code at elevated privilege by triggering a use-after-free (CWE-416) memory-corruption condition. Reported by Microsoft with a vendor patch available, it carries CVSS 7.8 (High) and can yield full confidentiality, integrity, and availability compromise of the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Local privilege escalation in the Windows Media component of Windows 11 (versions 24H2, 25H2, and 26H1) allows an already-authenticated local attacker to win a race condition and gain SYSTEM-level privileges. Rated CVSS 7.8 (High), the flaw stems from improper synchronization of a shared resource; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Microsoft has released a patch via the MSRC update guide.
Local code execution in the GitHub Copilot plugin for JetBrains IDEs allows an unauthorized attacker to run arbitrary code on a developer's machine by leveraging improper restriction of file/resource names (CWE-641), with exploitation requiring the victim to perform an action (UI:R). Rated CVSS 7.8 (high) with full confidentiality, integrity, and availability impact, this is a local-vector flaw affecting developers running the Copilot extension; no public exploit identified at time of analysis and it is not listed in CISA KEV. Microsoft has published a fix advisory (MSRC CVE-2026-50510).
Local privilege escalation in the Windows Wireless Wide Area Network Service (WwanSvc) lets an authenticated low-privileged user elevate to SYSTEM by delivering crafted serialized data that the service deserializes unsafely (CWE-502). Reported by Microsoft, it affects a broad range of Windows 10, Windows 11, and Windows Server builds and carries CVSS 7.8 with high confidentiality, integrity, and availability impact. No public exploit is identified at time of analysis and it is not in CISA KEV, but a vendor patch is available.
Local code execution in Microsoft's Resilient File System (ReFS) driver affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a stack-based buffer overflow (CWE-121) can be triggered when a victim interacts with attacker-crafted ReFS data. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows an unauthenticated but user-interaction-dependent local attack yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis and the flaw is not on CISA KEV, so it currently represents a patch-priority rather than an active-exploitation emergency.
Elevation of privilege in the Microsoft Windows Universal Disk Format File System driver (UDFS) allows a local attacker to gain higher privileges after a user mounts or opens a maliciously crafted UDF-formatted volume such as an ISO or disc image. The flaw is an out-of-bounds read (CWE-125) in the kernel-mode UDFS parser, and successful exploitation yields high impact to confidentiality, integrity, and availability (CVSS 7.8). No public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.
Local privilege escalation to code execution in the Windows NTFS file-system driver stems from a heap-based buffer overflow (CWE-122) that an authenticated local attacker can trigger to run arbitrary code with elevated privileges. The flaw was reported by Microsoft and spans a broad range of currently-supported Windows client and server releases, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the low attack complexity and reliable memory-corruption primitive in a core kernel-mode driver make it a strong candidate for patch-Tuesday prioritization.
Local privilege escalation in the Windows Print Spooler Components affects Windows 10 (1809, 21H2, 22H2), Windows 11 (24H2, 25H2, 26H1), and Windows Server 2019/2022/2025, where a heap-based buffer overflow (CWE-122) lets an already-authenticated local user corrupt heap memory in a Spooler component and gain SYSTEM-level privileges. Exploitation requires low-privilege local access (CVSS AV:L/PR:L) with no user interaction, yielding full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Local privilege escalation in the Windows Clipboard User Service lets an already-authenticated low-privileged user run OS commands in the service's higher-privilege security context by injecting special elements into a command the service constructs (CWE-77). Affected platforms are Windows 11 24H2/25H2 and Windows Server 2025 (including Server Core). Microsoft has issued a patch; there is no public exploit identified at time of analysis and the flaw is not on the CISA KEV list.
Elevation of privilege in the Windows Runtime (WinRT) component affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2025, where a use-after-free memory-corruption flaw lets an already-authenticated local user run code at higher privilege. Microsoft has released a patch and reported the issue; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV. Given the CVSS 7.8 (Important) rating and full C/I/A impact, this is a standard local privilege-escalation risk suited for regular patch prioritization rather than emergency response.
Local privilege escalation in the Windows Graphics Kernel component allows an authenticated attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition. All currently supported Windows client and server builds are affected - from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. No public exploit identified at time of analysis; Microsoft has released a patch, and the CVSS 7.8 (Important) rating reflects high impact but a local-access, low-privilege prerequisite.