Skip to main content
CVE-2026-48311 HIGH This Week

Arbitrary code execution in Adobe Bridge results from an out-of-bounds write (CWE-787) that a victim triggers by opening a malicious file, running attacker-supplied code with the privileges of the current user. The flaw is local (AV:L) and requires user interaction, so it is a client-side, file-borne bug rather than a remotely reachable service vulnerability. No public exploit identified at time of analysis and it is not listed in CISA KEV; Adobe patched it in advisory APSB26-81.

Buffer Overflow Memory Corruption RCE Adobe Bridge
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48274 HIGH This Week

Arbitrary code execution in Adobe After Effects arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted project or media file, running attacker code with the privileges of the current user. Adobe self-reported the flaw in advisory APSB26-78; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 7.8 (High) rating reflects high confidentiality, integrity, and availability impact but is gated by required user interaction and local file delivery.

Buffer Overflow Memory Corruption RCE After Effects
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48369 HIGH This Week

Arbitrary code execution in Adobe Premiere Pro via an out-of-bounds write (CWE-787) that lets an attacker run code in the context of the current user when a victim opens a maliciously crafted project or media file. The flaw is memory-corruption based and file-driven, requiring user interaction rather than network exposure; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS data was not provided, but the local, user-interaction-gated vector places this in the file-format/client-side attack category typical of Adobe desktop products.

Buffer Overflow Memory Corruption RCE Premiere
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48370 HIGH This Week

Arbitrary code execution in Adobe Media Encoder arises from an out-of-bounds write (CWE-787) that lets a crafted media file corrupt memory and run attacker-controlled code in the context of the current user. Any user who opens a malicious file in the affected desktop application is at risk, with full loss of confidentiality, integrity, and availability on the host. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Buffer Overflow Memory Corruption RCE Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24272 HIGH This Week

Code execution in NVIDIA TensorRT is possible when the SDK processes a maliciously crafted input that overflows a heap-based buffer (CWE-122), corrupting adjacent heap memory. The flaw affects the TensorRT deep-learning inference library and requires a local user to load attacker-supplied content, per the AV:L/UI:R CVSS vector; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Successful exploitation yields full loss of confidentiality, integrity, and availability (C:H/I:H/A:H) in the context of the process running the inference job.

Heap Overflow Buffer Overflow Nvidia RCE Tensorrt
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24238 HIGH This Week

Improper array index validation (CWE-129) in NVIDIA TensorRT allows an attacker to trigger out-of-bounds memory access that may lead to arbitrary code execution when a victim processes malicious input on the local host. The CVSS 3.1 vector (AV:L/UI:R) indicates the target must actively load attacker-controlled content, so exploitation hinges on tricking a user or automated pipeline into ingesting a crafted model or input file. There is no public exploit identified at time of analysis and the CVE is not in CISA KEV, but with high confidentiality, integrity, and availability impact this is a meaningful priority for AI/ML inference environments.

Nvidia RCE Tensorrt
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48337 HIGH This Week

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Memory Corruption RCE Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48336 HIGH This Week

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Memory Corruption RCE Illustrator
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48335 HIGH This Week

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Buffer Overflow Memory Corruption RCE Illustrator
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48272 HIGH This Week

Local arbitrary code execution in Adobe Creative Cloud Desktop lets a low-privileged user run code in the context of the current user by exploiting an uncontrolled search path (CWE-427) — the class of flaw where an application loads a library or executable from an attacker-influenced directory. Adobe (CVE-2026-48272) rates it CVSS 7.8, but the vector is local with high attack complexity and requires existing low-level privileges, and exploitation depends on conditions beyond the attacker's control. No public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a defense-in-depth patch rather than an emergency.

RCE Creative Cloud Desktop
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-48328 HIGH This Week

Security feature bypass in Adobe ColdFusion allows a low-privileged, network-based attacker to defeat access controls and obtain unauthorized read access to data outside their intended authorization boundary. Adobe PSIRT classifies the root cause as improper input validation and tags it an authentication bypass; the CVSS 3.1 score is 7.7 with a changed scope, reflecting impact that crosses a security boundary. No public exploit has been identified at time of analysis, and no EPSS or CISA KEV data was provided.

Authentication Bypass Coldfusion
NVD
CVSS 3.1
7.7
EPSS
0.6%
CVE-2026-48344 HIGH This Week

Local privilege escalation to arbitrary code execution affects the Adobe Creative Cloud Desktop application through a Time-of-check Time-of-use (TOCTOU) race condition, letting a low-privileged local attacker execute code and - because the CVSS scope is changed - impact resources beyond the initial security context. No user interaction is required, but the race is hard to win: exploitation depends on conditions beyond the attacker's control, reflected in the high attack complexity. At time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.

RCE Creative Cloud Desktop
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-47967 HIGH This Week

Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, allowing an attacker to run code in the context of the current user. The flaw is Adobe-reported (advisory APSB26-71) and carries a CVSS 7.8 (High) rating; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, weaponization depends on social engineering rather than remote automated attack.

Buffer Overflow Memory Corruption RCE Audition
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48309 HIGH This Week

Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. The CVSS 3.1 base score is 7.8 (local vector, requires user interaction), and no public exploit has been identified at time of analysis. Reported by Adobe via advisory APSB26-71.

Buffer Overflow Memory Corruption RCE Audition
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48365 HIGH This Week

Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (memory corruption) that runs in the context of the current user when a victim opens a maliciously crafted media/project file. All affected versions covered by Adobe advisory APSB26-71 are impacted, and while no public exploit has been identified at time of analysis, the local attack vector with required user interaction makes it a classic file-format weaponization risk. The CVSS 7.8 (High) reflects full confidentiality, integrity, and availability impact once the file is opened.

Buffer Overflow Memory Corruption RCE Audition
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-47968 HIGH This Week

Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a victim opens a maliciously crafted media/project file, letting an attacker run code in the context of the current user. The flaw was reported by Adobe and is documented in advisory APSB26-71; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because exploitation is local and requires user interaction, it is a file-format/client-side memory-corruption issue rather than a remotely-triggerable server flaw.

Buffer Overflow Memory Corruption RCE Audition
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-48368 HIGH This Week

Arbitrary code execution in Adobe Audition arises from an out-of-bounds write (CWE-787) triggered when a user opens a maliciously crafted media/project file, letting an attacker run code with the privileges of the current user. Affects Adobe Audition and was reported by Adobe under advisory APSB26-71. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS not provided.

Buffer Overflow Memory Corruption RCE Audition
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-58536 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Windows Cloud Files Mini Filter Driver (cldflt.sys) allows an authenticated low-privileged user to elevate to SYSTEM by triggering a use-after-free memory corruption condition. The flaw affects a broad range of Windows client and server releases (Windows 10 1809 through Windows 11 26H1, and Windows Server 2019 through 2025) and was reported by Microsoft. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2026-58530 HIGH PATCH This Week

Local code execution in Microsoft Windows' Resilient File System (ReFS) driver lets an attacker run arbitrary code by inducing a victim to mount or open a maliciously crafted ReFS volume. The flaw is a heap-based buffer overflow (CWE-122) in ReFS metadata parsing affecting Windows 10, Windows 11 (through 26H1), and Windows Server 2016-2025. CVSS is 7.8 (AV:L/UI:R); there is no public exploit identified at time of analysis and it is not in CISA KEV, so exploitation would require crafting a malicious volume and social-engineering the user to attach it.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-58527 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Runtime (WinRT) affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2022/2025, where a race condition in shared-resource handling lets an already-authenticated local user win a timing window to gain higher privileges. Reported by Microsoft with a patch available; there is no public exploit identified at time of analysis and the CVSS base score is 7.8 (High). Note that Microsoft's tags label this as Information Disclosure while the description and CVSS impact metrics describe full privilege elevation - this discrepancy should be verified against the vendor advisory.

Microsoft Race Condition Information Disclosure Windows 11 Version 24H2 Windows 11 Version 25H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-57968 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft's Windows Subsystem for Linux (WSL2) allows a low-privileged authenticated user on the Windows host to elevate to higher privileges by triggering a buffer over-read (CWE-126). Microsoft (the reporting vendor) has released a fix via MSRC, and there is no public exploit identified at time of analysis. With a CVSS 3.1 base score of 7.8 and full high impact to confidentiality, integrity and availability, it is a meaningful local EoP but requires prior code-execution access on the machine.

Buffer Overflow Microsoft Windows Subsystem For Linux Wsl2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-57096 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Routing and Remote Access Service (RRAS) allows an authenticated low-privileged attacker to elevate to SYSTEM by triggering a heap-based buffer overflow (CWE-122). The flaw affects a broad range of Windows client and server versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 R2 through Server 2025. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; a vendor patch is available.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +14
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-57088 HIGH PATCH Exploit Unlikely This Week

Local privilege elevation in the Windows Extensible Storage Engine (ESENT) database library allows an already-authenticated low-privileged user on affected Windows 10 1809, Windows Server 2019, 2022, and 2025 systems to gain higher privileges, with full loss of confidentiality, integrity, and availability. The flaw stems from improper access control (CWE-284) in a core OS component that services many system databases. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Authentication Bypass Windows 10 Version 1809 Windows Server 2019 Windows Server 2019 Server Core Installation Windows Server 2022 +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-56189 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Windows Media Foundation (CWE-122 heap-based buffer overflow) lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted media file or content that the platform parses. It affects a broad range of Windows client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2026-56182 HIGH PATCH This Week

Local privilege escalation in the Windows NTFS file system driver allows an authenticated low-privileged user to gain SYSTEM-level rights by triggering an integer overflow (CWE-190) during filesystem processing. It affects a broad range of supported Windows client and server releases, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; a vendor patch is available from Microsoft.

Buffer Overflow Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-56175 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows NTFS driver lets an already-authenticated attacker corrupt heap memory to run code at a higher privilege level (typically SYSTEM) on affected Windows 10, Windows 11, and Windows Server builds. Microsoft reported the issue and has shipped a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. With CVSS 7.8 (AV:L/PR:L) it is a valuable post-compromise pivot rather than an initial-access bug.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-56176 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Win32k GRFX subsystem across Windows 10, Windows 11, and Windows Server 2012 through 2025 lets an authenticated low-privileged local attacker elevate to SYSTEM by triggering an out-of-bounds read (CWE-125). The flaw was reported internally by Microsoft, a vendor patch is available via MSRC, and there is no public exploit identified at time of analysis. CVSS is 7.8 (High), reflecting a local vector with low complexity and low privileges required.

Buffer Overflow Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-56156 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Excel (across Microsoft 365 Apps for Enterprise, Office LTSC 2021/2024, and their macOS counterparts) arises from a heap-based buffer overflow (CWE-122) triggered when a victim opens a maliciously crafted spreadsheet. An unauthorized attacker can achieve arbitrary code execution in the context of the current user, gaining high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but a vendor patch is available from Microsoft.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Office 365 For Mac +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55949 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Excel (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted spreadsheet. The flaw stems from use of an uninitialized resource (CWE-908) and carries a CVSS 7.8; it requires user interaction (opening the file) and no prior privileges. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a vendor patch is available.

Authentication Bypass Microsoft Microsoft 365 Apps For Enterprise Microsoft Excel 2016 Microsoft Office 2019 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55947 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Excel (Office 2016 through Office LTSC 2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) allows an attacker to run arbitrary code when a victim opens a maliciously crafted spreadsheet. The flaw is a heap-based buffer overflow (CWE-122) triggered during file parsing, giving full confidentiality, integrity, and availability impact in the user's context. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation currently appears theoretical rather than active.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Excel 2016 +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55137 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Excel (across Microsoft 365 Apps, Office 2016/2019, LTSC 2021/2024, Office for Mac, and Office Online Server) stems from a heap-based buffer overflow (CWE-122) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Rated CVSS 7.8 with no privileges required but mandatory user interaction, successful exploitation yields full confidentiality, integrity, and availability impact in the context of the victim user. There is no public exploit identified at time of analysis and it is not on the CISA KEV list, but Microsoft has released a patch.

Heap Overflow Buffer Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Excel 2016 +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55141 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Excel (and the broader Office 2016/2019/LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server family) results from a stack-based buffer overflow triggered when a victim opens a maliciously crafted spreadsheet. An attacker who convinces a user to open a booby-trapped file can run arbitrary code in the context of that user, with full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not on CISA KEV, but the ubiquity of Excel and Microsoft's own advisory make this a routine patch-Tuesday-class priority.

Buffer Overflow Stack Overflow Microsoft Microsoft 365 Apps For Enterprise Microsoft Excel 2016 +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55136 HIGH PATCH This Week

Arbitrary local code execution in Microsoft Office Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the Office for Mac editions, and Office Online Server) lets an attacker run code in the current user's context when a victim opens a maliciously crafted spreadsheet. The flaw is an untrusted pointer dereference (CWE-822) triggered during file parsing; it requires user interaction but no prior privileges. No public exploit is identified at time of analysis, and a vendor patch is available from Microsoft (MSRC).

Authentication Bypass Microsoft Microsoft 365 Apps For Enterprise Microsoft Excel 2016 Microsoft Office 2019 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-54125 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Runtime (WinRT) across Windows 10, Windows 11, and Windows Server 2019 through 2025 allows an already-authenticated attacker to win a race condition and gain SYSTEM-level privileges. The flaw stems from concurrent access to a shared resource without proper synchronization, and full C:H/I:H/A:H impact indicates complete host compromise once triggered. Reported by Microsoft with a patch available; no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Microsoft Race Condition Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 +9
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50679 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Search Component affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a heap-based buffer overflow lets an already-authenticated local attacker corrupt memory and elevate to higher privileges (up to SYSTEM). The CVSS 3.1 score of 7.8 reflects local-only attack with low privileges required and no user interaction, yielding full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-54115 HIGH PATCH This Week

Local privilege escalation in Windows Active Directory across a broad range of Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2012 through 2025) allows an authenticated local attacker to elevate privileges by triggering an integer overflow (CWE-190). Successful exploitation yields high confidentiality, integrity, and availability impact, effectively enabling escalation to SYSTEM-level control on the affected host. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has issued a patch via MSRC.

Buffer Overflow Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50677 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Media (a component shipping in Windows 11 versions 24H2, 25H2, and 26H1) lets an authenticated local attacker execute code at elevated privilege by triggering a use-after-free (CWE-416) memory-corruption condition. Reported by Microsoft with a vendor patch available, it carries CVSS 7.8 (High) and can yield full confidentiality, integrity, and availability compromise of the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50676 HIGH PATCH This Week

Local privilege escalation in the Windows Media component of Windows 11 (versions 24H2, 25H2, and 26H1) allows an already-authenticated local attacker to win a race condition and gain SYSTEM-level privileges. Rated CVSS 7.8 (High), the flaw stems from improper synchronization of a shared resource; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Microsoft has released a patch via the MSRC update guide.

Microsoft Race Condition Information Disclosure Windows 11 Version 24H2 Windows 11 Version 25H2 +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50510 HIGH PATCH This Week

Local code execution in the GitHub Copilot plugin for JetBrains IDEs allows an unauthorized attacker to run arbitrary code on a developer's machine by leveraging improper restriction of file/resource names (CWE-641), with exploitation requiring the victim to perform an action (UI:R). Rated CVSS 7.8 (high) with full confidentiality, integrity, and availability impact, this is a local-vector flaw affecting developers running the Copilot extension; no public exploit identified at time of analysis and it is not listed in CISA KEV. Microsoft has published a fix advisory (MSRC CVE-2026-50510).

Authentication Bypass Github Copilot Plugin For Jetbrains Ides
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50509 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Windows Wireless Wide Area Network Service (WwanSvc) lets an authenticated low-privileged user elevate to SYSTEM by delivering crafted serialized data that the service deserializes unsafely (CWE-502). Reported by Microsoft, it affects a broad range of Windows 10, Windows 11, and Windows Server builds and carries CVSS 7.8 with high confidentiality, integrity, and availability impact. No public exploit is identified at time of analysis and it is not in CISA KEV, but a vendor patch is available.

Microsoft Deserialization Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +10
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2026-50501 HIGH PATCH This Week

Local code execution in Microsoft's Resilient File System (ReFS) driver affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a stack-based buffer overflow (CWE-121) can be triggered when a victim interacts with attacker-crafted ReFS data. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows an unauthenticated but user-interaction-dependent local attack yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis and the flaw is not on CISA KEV, so it currently represents a patch-priority rather than an active-exploitation emergency.

Buffer Overflow Stack Overflow Microsoft Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-50498 HIGH PATCH Exploit Unlikely This Week

Elevation of privilege in the Microsoft Windows Universal Disk Format File System driver (UDFS) allows a local attacker to gain higher privileges after a user mounts or opens a maliciously crafted UDF-formatted volume such as an ISO or disc image. The flaw is an out-of-bounds read (CWE-125) in the kernel-mode UDFS parser, and successful exploitation yields high impact to confidentiality, integrity, and availability (CVSS 7.8). No public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.

Buffer Overflow Microsoft Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50494 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation to code execution in the Windows NTFS file-system driver stems from a heap-based buffer overflow (CWE-122) that an authenticated local attacker can trigger to run arbitrary code with elevated privileges. The flaw was reported by Microsoft and spans a broad range of currently-supported Windows client and server releases, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the low attack complexity and reliable memory-corruption primitive in a core kernel-mode driver make it a strong candidate for patch-Tuesday prioritization.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50499 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Print Spooler Components affects Windows 10 (1809, 21H2, 22H2), Windows 11 (24H2, 25H2, 26H1), and Windows Server 2019/2022/2025, where a heap-based buffer overflow (CWE-122) lets an already-authenticated local user corrupt heap memory in a Spooler component and gain SYSTEM-level privileges. Exploitation requires low-privilege local access (CVSS AV:L/PR:L) with no user interaction, yielding full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 +9
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50488 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Clipboard User Service lets an already-authenticated low-privileged user run OS commands in the service's higher-privilege security context by injecting special elements into a command the service constructs (CWE-77). Affected platforms are Windows 11 24H2/25H2 and Windows Server 2025 (including Server Core). Microsoft has issued a patch; there is no public exploit identified at time of analysis and the flaw is not on the CISA KEV list.

Microsoft Command Injection Windows 11 Version 24H2 Windows 11 Version 25H2 Windows Server 2025 +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2026-50486 HIGH PATCH This Week

Elevation of privilege in the Windows Runtime (WinRT) component affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2025, where a use-after-free memory-corruption flaw lets an already-authenticated local user run code at higher privilege. Microsoft has released a patch and reported the issue; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV. Given the CVSS 7.8 (Important) rating and full C/I/A impact, this is a standard local privilege-escalation risk suited for regular patch prioritization rather than emergency response.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +6
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50493 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Graphics Kernel component allows an authenticated attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition. All currently supported Windows client and server builds are affected - from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. No public exploit identified at time of analysis; Microsoft has released a patch, and the CVSS 7.8 (Important) rating reflects high impact but a local-access, low-privilege prerequisite.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50484 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an already-authenticated attacker corrupt heap memory to gain SYSTEM-level control across Windows 10 (1809/21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2019/2022/2025. The CVSS 7.8 (AV:L/PR:L) rating reflects that low-privileged code execution is a prerequisite; there is no public exploit identified at time of analysis, but Microsoft has released a patch. This is a classic post-exploitation escalation primitive rather than an initial-access vector.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1809 Windows 10 Version 21H2 +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50450 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Wireless Wide Area Network (WWAN) Service allows a low-privileged authenticated user to win a race condition and gain SYSTEM-level privileges across Windows 10, Windows 11, and Windows Server 2019 through 2025. The flaw stems from improper synchronization of a shared resource (CWE-362), and the scope-changed CVSS impact (S:C) reflects that successful exploitation crosses from the attacker's low-privilege context into a higher-privileged service. No public exploit identified at time of analysis, and it is not listed in CISA KEV, though Microsoft credits itself as the reporter, indicating internal discovery.

Microsoft Race Condition Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 +9
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50476 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows (Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through 2025) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an already-authenticated local user run code at elevated privilege. The CVSS 3.1 base score is 7.8 with a scope-changed vector, and Microsoft has shipped a fix via MSRC. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, so exploitation is currently theoretical rather than observed.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.8
EPSS
1.4%
Prev Page 9 of 20 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy