Skip to main content
CVE-2026-15410 HIGH POC KEV THREAT NEWS Act Now

Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.

RCE Code Injection Sma1000
NVD VulDB
CVSS 3.1
7.2
EPSS
1.6%
Threat
5.4
CVE-2026-56155 HIGH POC KEV PATCH THREAT Exploited Act Now

Local privilege escalation in Microsoft Active Directory Federation Services (AD FS) lets an already-authenticated low-privileged user on the host gain higher privileges due to insufficient granularity of access control (CWE-1220). Affected deployments span AD FS on Windows Server 2012 through Windows Server 2025, and the flaw carries a CVSS 7.8 with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a patch-priority-driven rather than exploitation-driven risk.

Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 Windows Server 2012 Server Core Installation +9
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
Threat
4.6
CVE-2026-15701 HIGH POC This Week

Stack-based buffer overflow in the Totolink NR1800X router (firmware 9.1.0u.6279_B20210910) lets remote attackers corrupt memory by supplying an oversized HTTP Host header to the Form_Logout handler at /formLogout.htm, served by the embedded lighttpd web interface. Because the flaw is reachable over the network without authentication and publicly available exploit code exists, it is a strong candidate for opportunistic exploitation despite not yet appearing in CISA KEV. Successful exploitation can crash the device or, given the CWE-121 stack overwrite, potentially achieve code execution on the router.

Buffer Overflow Stack Overflow Nr1800X
NVD VulDB GitHub
CVSS 4.0
8.9
EPSS
0.8%
CVE-2026-50489 HIGH POC PATCH Exploit Likely This Week

Local privilege escalation in the Windows Win32K kernel subsystem (CWE-122 heap-based buffer overflow) lets an already-authenticated low-privileged attacker corrupt kernel heap memory and gain SYSTEM-level control across a broad range of Windows client and server releases. The flaw carries a CVSS 3.1 base score of 8.8 with a changed scope (S:C), reflecting that a user-mode process can compromise the kernel security boundary. It was reported by Microsoft, a vendor patch is available, and there is no public exploit identified at time of analysis.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2026-49795 HIGH POC PATCH Exploit Likely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated attacker corrupt kernel memory via a use-after-free (CWE-416) and gain full control of the host. The CVSS 3.1 vector (AV:L/PR:L, scope-changed with C:H/I:H/A:H) reflects a low-privileged local user escalating to SYSTEM-level compromise across a broad range of Windows 10, Windows 11, and Windows Server builds. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2026-58477 HIGH POC This Week

Configuration tampering in the Sustainable Irrigation Platform (SIP) through version 5.2.16 lets remote unauthenticated attackers overwrite sensitive settings - including the passphrase and listening port - by injecting arbitrary parameter names into HTTP requests. Because the application binds request parameters directly to internal configuration objects without an allow-list, the same effect can be triggered blindly through cross-site request forgery against an authenticated operator's browser. Publicly available exploit code exists (ZeroScience ZSL-2026-5997), but there is no public exploit identified as being used in active attacks and it is not listed in CISA KEV.

CSRF Sip
NVD
CVSS 4.0
8.8
EPSS
0.4%
CVE-2026-60114 HIGH POC This Week

Arbitrary file write in Sustainable Irrigation Platform (SIP) through 5.2.16 lets remote attackers plant JSON files outside the intended data directory by abusing the JSON backup-restore feature, which builds file paths from attacker-controlled keys without validation. Because the default deployment ships with no required passphrase (or the hardcoded default 'opendoor'), an attacker can reach the restore endpoint without legitimate credentials. Publicly available exploit code exists (VulnCheck / Zero Science advisory), and EPSS/KEV data were not provided, so exploitation appears proof-of-concept rather than confirmed in-the-wild.

Path Traversal Sip
NVD
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-54128 HIGH POC PATCH NEWS Exploit Likely This Week

Local code execution in the Windows DHCP Client service stems from a use-after-free (CWE-416) memory-corruption flaw affecting a broad range of Windows 10, Windows 11, and Windows Server releases (Server 2012 through Server 2025). Per the CVSS vector an unauthenticated attacker with local access can achieve high-impact code execution with no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch through the MSRC update guide.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2026-54992 HIGH POC PATCH NEWS Exploit Likely This Week

Local code execution in the Microsoft Message Queuing (MSMQ) Queue Manager affects a broad range of Windows client and server releases from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. A heap-based buffer overflow (CWE-122) lets an attacker who can reach the local MSMQ service run arbitrary code with high confidentiality, integrity, and availability impact; the CVSS 3.1 base score is 8.4 with a local attack vector but no privileges or user interaction required. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the vendor (Microsoft) has released a patch.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2026-50667 HIGH POC PATCH Exploit Likely This Week

Elevation of privilege in the Windows NTFS file-system driver lets an already-authenticated local user escalate to SYSTEM by winning a race condition (CWE-362) in the way NTFS handles a shared resource without proper synchronization. All currently supported Windows client and server builds are affected, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. There is no public exploit identified at time of analysis, but Microsoft has released a patch and rates the impact as full loss of confidentiality, integrity, and availability once exploited.

Microsoft Race Condition Information Disclosure Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2026-12583 HIGH POC PATCH This Week

Unauthenticated PHP object injection in the Newsletters WordPress plugin before 4.15 lets remote attackers deserialize attacker-controlled data submitted through a public-facing form, then leverage a property-oriented gadget chain bundled inside the plugin itself to write arbitrary files and achieve remote code execution on the host. Publicly available exploit code exists (published via WPScan), though there is no public exploit identified as being used in active attacks and the flaw is not listed in CISA KEV. The self-contained gadget chain removes the usual dependency on third-party gadgets, making reliable exploitation notably more achievable than typical POI bugs.

PHP WordPress Deserialization Newsletters
NVD WPScan
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-12511 HIGH POC PATCH This Week

Arbitrary file write in the AI Engine WordPress plugin before 3.5.5 lets authenticated editor-level users abuse an unsanitized, user-supplied filename during a file-download-and-save operation to plant attacker-controlled bytes anywhere the web server user can write via path traversal. Because writing a PHP payload into the webroot typically yields remote code execution, this crosses from a content-management flaw into full site compromise. Publicly available exploit code exists and a vendor patch has shipped, though the issue is not listed in CISA KEV.

Path Traversal WordPress Ai Engine
NVD WPScan
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-58633 HIGH POC PATCH Exploit Likely This Week

Local privilege escalation in the Desktop Window Manager (DWM) component of Windows 11 version 26H1 allows an authenticated local attacker to elevate to SYSTEM by triggering a use-after-free memory corruption condition. The CVSS 3.1 vector (AV:L/PR:L) confirms an already-authenticated low-privileged user is required, and full compromise of confidentiality, integrity, and availability follows successful exploitation. Microsoft has released a patch; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Windows 11 Version 26H1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50655 HIGH POC PATCH NEWS Exploit Likely This Week

Local code execution in the Windows Media component of supported Windows 10, Windows 11, and Windows Server (2016 through 2025) releases lets an unauthorized attacker run arbitrary code when a victim opens a maliciously crafted media file. The flaw is a heap-based buffer overflow (CWE-122) reported by Microsoft with a vendor patch available; there is no public exploit identified at time of analysis. CVSS is 7.8 (High), driven by full confidentiality, integrity, and availability impact but gated by local vector and required user interaction.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2026-50423 HIGH POC PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Windows Kernel allows an already-authenticated attacker to elevate to SYSTEM-level privileges across a wide range of Windows 10, Windows 11, and Windows Server builds. The flaw stems from improper access control (CWE-284) in kernel-mode code and requires local low-privileged access with no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the trivial attack complexity and SYSTEM-level impact make it a standard patch-Tuesday priority.

Authentication Bypass Microsoft Windows 10 Version 21H2 Windows 10 Version 22H2 Windows 11 Version 24H2 +5
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2026-15695 HIGH POC This Week

Stack-based buffer overflow in the Tenda BE12 Pro Wi-Fi router (firmware 16.03.66.23) lets an attacker corrupt the stack by supplying an oversized 'page' argument to the /goform/DhcpListClient web endpoint handled by the fromDhcpListClient function. The flaw is reachable over the network and publicly available exploit code exists (disclosed via VulDB), though it is not listed in CISA KEV and no EPSS score was provided. Per the supplied CVSS 4.0 vector (PR:L) the attack requires low-level authentication to the device, and successful exploitation can crash the router or potentially achieve arbitrary code execution.

Tenda Buffer Overflow Stack Overflow Be12 Pro
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.8%
CVE-2026-15696 HIGH POC This Week

Stack-based buffer overflow in the Tenda BE12 Pro router (firmware 16.03.66.23) allows remote attackers to corrupt memory via the fromVirtualSer handler for the /goform/VirtualSer endpoint by supplying an oversized 'page' argument. The flaw carries CVSS 4.0 7.4 and, per its vector, requires low-level privileges (PR:L); publicly available exploit code exists, though there is no public exploit identified as actively used in the wild (not in CISA KEV). Successful exploitation can crash the device or potentially lead to arbitrary code execution on the embedded MIPS/ARM firmware.

Tenda Buffer Overflow Stack Overflow Be12 Pro
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.8%
CVE-2026-15694 HIGH POC This Week

Stack-based buffer overflow in the Tenda BE12 Pro router (firmware 16.03.66.23) lets attackers corrupt memory by manipulating the 'page' argument passed to the fromSetIpBind function of the /goform/SetIpBind endpoint. The flaw is remotely reachable over the network and, per the CVSS 4.0 vector, requires low-level privileges (PR:L) while yielding high confidentiality, integrity, and availability impact - typically resulting in device crash or arbitrary code execution on the router. Publicly available exploit code exists (E:P), disclosed via VulDB, though it is not listed in CISA KEV.

Tenda Buffer Overflow Stack Overflow Be12 Pro
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.8%
CVE-2026-15693 HIGH POC This Week

Stack-based buffer overflow in the Tenda BE12 Pro Wi-Fi router (firmware 16.03.66.23) lets remote attackers corrupt memory by manipulating the 'page' argument of the fromSafeMacFilter handler at /goform/SafeMacFilter. Publicly available exploit code exists, though there is no public exploit identified as being used in active campaigns and it is not listed in CISA KEV. Successful exploitation can crash the device or potentially achieve code execution on the router's embedded OS. EPSS data was not provided.

Tenda Buffer Overflow Stack Overflow Be12 Pro
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.5%
CVE-2026-15692 HIGH POC This Week

Stack-based buffer overflow in the Tenda BE12 Pro router firmware 16.03.66.23 lets an authenticated remote attacker corrupt memory via the fromSafeUrlFilter handler at /goform/SafeUrlFilter by supplying an oversized 'page' parameter. Publicly available exploit code exists (published via VulDB), though the flaw is not listed in CISA KEV and no active exploitation has been confirmed. The CVSS 4.0 vector (7.4, PR:L) indicates network reachability with low-privilege authentication and high impact to confidentiality, integrity, and availability of the device.

Tenda Buffer Overflow Stack Overflow Be12 Pro
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.8%
CVE-2026-15691 HIGH POC This Week

Stack-based buffer overflow in the Tenda BE12 Pro (firmware 16.03.66.23) web management interface lets an attacker corrupt memory by supplying an oversized 'page' argument to the fromSafeClientFilter handler at /goform/SafeClientFilter, potentially crashing the device or executing arbitrary code with router privileges. Per the CVSS 4.0 vector the flaw is network-reachable but requires low-level privileges (PR:L). Publicly available exploit code exists (disclosed via VulDB), but there is no public exploit identified as being used in active attacks and it is not listed in CISA KEV.

Tenda Buffer Overflow Stack Overflow Be12 Pro
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.8%
CVE-2026-58476 HIGH POC This Week

Cross-site request forgery in the Sustainable Irrigation Platform (SIP) through 5.2.16 lets remote attackers execute state-changing administrative actions when a logged-in administrator is lured to a malicious page, because administrative endpoints accept HTTP GET requests with no CSRF token or origin validation. An attacker can disable the passphrase, reboot the irrigation controller, delete watering programs, or install plugins; in the default configuration these endpoints are exposed to unauthenticated users because no passphrase is required and the default credential is 'opendoor'. Publicly available exploit code exists (ZeroScience ZSL-2026-5995), though there is no public exploit identified as being used in active campaigns.

CSRF Sip
NVD
CVSS 4.0
7.0
EPSS
0.2%
CVE-2026-48332 HIGH Act Now

Server-side request forgery in Adobe ColdFusion lets a low-privileged, authenticated attacker coerce the server into issuing crafted outbound requests, bypassing a security control and gaining unauthorized read access to resources the attacker should not reach. The CVSS 3.1 scope-changed vector (S:C, C:H) indicates the impact extends beyond ColdFusion itself to backend or internal systems it can reach. No public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; remediation is available via Adobe security bulletin APSB26-82.

SSRF Coldfusion
NVD
CVSS 3.1
7.7
EPSS
12.0%
CVE-2026-54118 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft SQL Server (2016 SP3 through 2025) allows an authenticated, low-privileged attacker to run arbitrary code on the database server by sending crafted data that the engine deserializes unsafely (CWE-502). Any account able to submit queries or data over the network to a vulnerable instance can achieve full compromise of confidentiality, integrity, and availability. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 8.8 rating and the RCE-with-low-privilege profile make it a high-priority patch.

Deserialization Microsoft Sql Server 2016 Service Pack 3 Gdr Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack Microsoft Sql Server 2017 Cu 31 Microsoft Sql Server 2017 Gdr +6
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2026-54117 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft SQL Server 2025 (CU6 and the x64 GDR branch) lets an authenticated attacker run arbitrary code across the network by supplying maliciously crafted serialized data that the server deserializes without validation (CWE-502). The flaw was reported by Microsoft, carries a CVSS 3.1 base score of 8.8, and a vendor patch is available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Deserialization Microsoft Sql Server 2025 Cu 6 Microsoft Sql Server 2025 For X64 Based Systems Gdr
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2026-56196 HIGH PATCH Exploit Unlikely This Week

Remote code execution in Microsoft Windows Admin Center allows an authenticated attacker to run arbitrary code over the network by exploiting a relative path traversal (CWE-23) flaw. Any user holding valid low-privilege credentials to the WAC gateway can leverage the traversal to break out of the intended file path and achieve full compromise (confidentiality, integrity, and availability impact all High). Microsoft has published a patch via MSRC; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Microsoft Path Traversal Windows Admin Center
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2026-47295 HIGH PATCH Exploit Unlikely This Week

Privilege elevation in Microsoft SQL Server (2016 SP3 through 2025) allows an authenticated attacker to inject crafted SQL commands over the network and gain higher database privileges (CVSS 8.8). The flaw is a classic improper neutralization of special elements (CWE-89) reachable by any principal already holding low-level database access. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV, though a vendor patch is available.

SQLi Microsoft Sql Server 2016 Service Pack 3 Gdr Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack Microsoft Sql Server 2017 Cu 31 Microsoft Sql Server 2017 Gdr +6
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2026-56197 HIGH PATCH Exploit Unlikely This Week

Authenticated remote code execution in Microsoft Windows Admin Center (CWE-77) lets an attacker with low-privilege access inject and run arbitrary commands over the network, yielding full confidentiality, integrity, and availability compromise (CVSS 8.8). Microsoft has released a patch; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Microsoft Command Injection Windows Admin Center
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2026-56642 HIGH PATCH This Week

Remote code execution in Microsoft Fabric Data Warehouse allows an authenticated attacker to run arbitrary code over the network by triggering a stack-based buffer overflow (CWE-121). The flaw carries a CVSS 8.8 rating with high impact to confidentiality, integrity, and availability, and requires only low-privilege access with no user interaction. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but a vendor patch is available via MSRC.

Buffer Overflow Stack Overflow Microsoft Service Fabric
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2026-57102 HIGH PATCH This Week

Security-feature bypass in Microsoft Visual Studio Code lets a remote attacker deliver functionality from an untrusted control sphere (CWE-829) that circumvents a built-in protection, yielding high confidentiality, integrity, and availability impact once a victim opens or interacts with attacker-supplied content. Rated CVSS 8.8 (AV:N/AC:L/PR:N/UI:R), it requires user interaction but no authentication, and Microsoft has released a fix via MSRC. There is no public exploit identified at time of analysis and it is not on the CISA KEV list.

Authentication Bypass Visual Studio Code
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2026-58277 HIGH PATCH Exploit Unlikely This Week

Privilege elevation in Microsoft SharePoint Server (Enterprise Server 2016 and Server 2019) allows an authenticated network attacker to abuse an improper authorization check to gain higher privileges within the SharePoint environment. The flaw is tagged as an authentication bypass and carries a CVSS 8.8, reflecting high impact to confidentiality, integrity, and availability from a low-privileged starting point. Microsoft has released a patch; there is no public exploit identified at time of analysis and no CISA KEV listing.

Authentication Bypass Microsoft Microsoft Sharepoint Enterprise Server 2016 Microsoft Sharepoint Server 2019
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2026-55005 HIGH PATCH Exploit Unlikely This Week

Remote code execution in Microsoft Exchange Server (2016 CU23, 2019 CU14/CU15, and Subscription Edition RTM) lets an authenticated attacker corrupt heap memory to run arbitrary code across the network. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N) shows low-privilege network exploitation with full confidentiality, integrity, and availability impact, and Microsoft has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Heap Overflow Buffer Overflow Microsoft Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 14 +2
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2026-50444 HIGH PATCH NEWS Exploit Unlikely This Week

Privilege elevation in Microsoft's Windows Server Update Services (WSUS) role allows a network-based, low-privileged attacker to gain higher privileges due to a missing authentication check on a critical function (CWE-306). The flaw affects WSUS as shipped on Windows Server 2012 through 2025 (and client builds Windows 10 1607/1809), with a CVSS 3.1 base score of 8.8; Microsoft has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the network-reachable, low-complexity nature makes this a high-priority patch for update-management infrastructure.

Authentication Bypass Microsoft Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 +10
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-47303 HIGH PATCH Exploit Unlikely This Week

Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged network attacker bypass authentication controls by tampering with data the framework wrongly assumes to be immutable (CWE-302). Microsoft reported and patched the flaw; there is no public exploit identified at time of analysis and it is not on CISA KEV. At CVSS 8.8 with PR:L, an authorized user can escalate to higher privileges over the network.

Authentication Bypass Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-47300 HIGH PATCH Exploit Unlikely This Week

Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged network attacker gain higher privileges by abusing a flawed authentication algorithm implementation (CWE-303). Microsoft reported the flaw and has released a patch; there is no public exploit identified at time of analysis and it is not on the CISA KEV. The 8.8 CVSS reflects high confidentiality, integrity, and availability impact reachable over the network with only low prior privileges.

Information Disclosure Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-55052 HIGH PATCH This Week

Privilege escalation in Microsoft SharePoint Server (Enterprise Server 2016, Server 2019, and Subscription Edition) lets an already-authenticated network user gain higher privileges by exploiting a missing authorization check (CWE-862). Any low-privileged account with access to the SharePoint web application can abuse the flaw to perform actions reserved for higher-privileged roles, with full confidentiality, integrity, and availability impact per the CVSS 8.8 rating. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Microsoft Microsoft Sharepoint Enterprise Server 2016 Microsoft Sharepoint Server 2019 Microsoft Sharepoint Server Subscription Edition
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-57969 HIGH PATCH This Week

Privilege escalation in Microsoft Azure CycleCloud 8.9.1 allows an authorized (low-privileged) attacker to gain elevated privileges over the network by reaching a critical function that lacks an authentication check (CWE-306). Reported by Microsoft with a patch available and rated CVSS 8.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The flaw enables full compromise of the CycleCloud instance's confidentiality, integrity, and availability, making it a high-priority patch for HPC-orchestration environments.

Authentication Bypass Microsoft Azure Cyclecloud 8 9 1
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-47632 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Microsoft's Azure Monitor Agent (specifically the Metrics Extension) lets an unauthenticated attacker on an adjacent network gain elevated privileges by exploiting improper TLS certificate validation (CWE-295). Because the agent fails to properly verify the certificate of the endpoint it communicates with, an attacker positioned on the same broadcast/logical network segment can impersonate a trusted server and hijack the agent's privileged context, yielding high confidentiality, integrity, and availability impact. Microsoft rates it CVSS 8.8; there is currently no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Microsoft Azure Monitor Agent Metrics Extension
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-55034 HIGH PATCH Exploit Unlikely This Week

Cross-site scripting (CWE-79) in on-premises Microsoft SharePoint Server allows an authenticated, low-privileged attacker to inject script that executes in another user's browser session, enabling spoofing across a network. The scope-changed CVSS 3.1 rating of 8.7 (vector AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N) reflects the ability to break out of the vulnerable component's security context and impact victim data. Microsoft has released patches; there is no public exploit identified at time of analysis and CISA SSVC currently records exploitation as none.

Microsoft XSS Microsoft Sharepoint Enterprise Server 2016 Microsoft Sharepoint Server 2019 Microsoft Sharepoint Server Subscription Edition
NVD
CVSS 3.1
8.7
EPSS
0.6%
CVE-2026-55021 HIGH PATCH This Week

Spoofing via stored cross-site scripting in Microsoft SharePoint (Enterprise Server 2016, Server 2019, and Subscription Edition) allows an authenticated attacker to inject script that executes in another user's browser session across a network. CVSS is 8.7 with a scope change, reflecting that injected content escapes into the victim's authenticated context; there is no public exploit identified at time of analysis and CISA SSVC rates exploitation status as none. A vendor patch is available via Microsoft MSRC.

Microsoft XSS Microsoft Sharepoint Enterprise Server 2016 Microsoft Sharepoint Server 2019 Microsoft Sharepoint Server Subscription Edition
NVD
CVSS 3.1
8.7
EPSS
0.5%
CVE-2026-50520 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Visual Studio Code stems from a command injection flaw (CWE-77) that lets an attacker run arbitrary commands on the host with the privileges of the editor. Reported by Microsoft with a vendor patch available, the CVSS 3.1 score of 8.4 reflects full compromise of confidentiality, integrity, and availability via a local attack vector requiring no privileges or user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Command Injection Visual Studio Code
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2026-50343 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Install Service (Windows Installer) affects supported Windows 10, Windows 11, and Windows Server 2019-2025 builds, letting an already-authenticated local user with limited rights (PR:L) elevate to SYSTEM. The flaw stems from improper privilege management (CWE-269) in how the service handles operations, yielding full confidentiality, integrity, and availability impact. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Microsoft Privilege Escalation Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +8
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2026-50338 HIGH PATCH Exploit Unlikely This Week

Privilege elevation in Microsoft Azure Spring Apps allows an already-authenticated, low-privileged network attacker to gain higher privileges by abusing an improper authentication weakness (CWE-287) in the managed platform. Because the CVSS scope is marked as changed (S:C), a successful attack can reach resources beyond the attacker's originally authorized boundary, yielding high confidentiality and integrity impact. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; Microsoft has published an advisory and a patch is available server-side.

Java Authentication Bypass Microsoft Azure Spring Apps
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2026-50528 HIGH PATCH Exploit Unlikely This Week

Security feature bypass in Microsoft .NET (versions 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker circumvent an authorization control over the network due to incorrect authorization logic (CWE-863). Rated CVSS 8.2, the flaw carries a high integrity impact and requires no privileges or user interaction, though there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Microsoft has released a patch, and the affected surface also includes Visual Studio 2022 (17.12, 17.14) and Visual Studio 2026 (18.7) tooling that bundle the runtime.

Authentication Bypass Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2026-56169 HIGH PATCH Exploit Unlikely This Week

Privilege elevation in Microsoft Windows Admin Center allows an already-authenticated (low-privileged) network attacker to bypass improper authentication controls and gain higher privileges, exposing high-value confidentiality and integrity impact. Rated CVSS 8.1 with low attack complexity and no user interaction, the flaw is remotely reachable but requires an existing authorized session. No public exploit identified at time of analysis; Microsoft has released a fix via the MSRC update guide.

Authentication Bypass Microsoft Windows Admin Center
NVD VulDB
CVSS 3.1
8.1
EPSS
0.5%
CVE-2026-47304 HIGH PATCH Exploit Unlikely This Week

Security feature bypass in Microsoft .NET (shipped via Visual Studio 2022 17.12/17.14 and Visual Studio 2026 18.7) lets a remote, unauthenticated attacker defeat a cryptographic-signature check over the network — most likely a JWT/token signature verification flaw per the vendor 'Jwt Attack' and 'Authentication Bypass' tags. By forging or tampering with signed data the runtime fails to validate correctly, an attacker can impersonate trusted principals and undermine an authentication or integrity control. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Jwt Attack Microsoft Visual Studio 2022 Version 17 12 Microsoft Visual Studio 2022 Version 17 14 Microsoft Visual Studio 2026 Version 18 7
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-55009 HIGH PATCH This Week

Local privilege escalation in Microsoft Exchange Server (2016 CU23, 2019 CU14/CU15, and Subscription Edition RTM) allows an already-authenticated attacker with low privileges to elevate to higher privileges by abusing unsafe deserialization of untrusted data. Microsoft reported the flaw and has released a patch; no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 3.1 base score is 7.8 (High), reflecting full confidentiality, integrity, and availability impact on the affected host.

Microsoft Deserialization Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 14 Microsoft Exchange Server 2019 Cumulative Update 15 +1
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2026-50646 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft .NET (Framework 3.5 through 4.8.1, .NET 8.0/9.0, and Visual Studio 2022/2026) arises from a protection mechanism failure (CWE-693) that lets an unauthorized attacker run arbitrary code once a victim is lured into opening a malicious file or project. The flaw requires user interaction (UI:R) and local delivery (AV:L) but no prior privileges (PR:N), yielding high confidentiality, integrity, and availability impact and a 7.8 CVSS score. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, but the ubiquity of .NET on Windows makes patching a priority.

Authentication Bypass Net 8 0 Net 9 0 Microsoft Net Framework 3 5 Microsoft Net Framework 3 5 And 4 7 2 +7
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2026-58647 HIGH PATCH This Week

Cross-site scripting (CWE-79) in Microsoft Power BI Report Server lets an authenticated, low-privileged attacker inject script that executes in another user's browser session, enabling spoofing of report content and hijacking of the victim's authenticated context over the network. Exploitation requires a victim to interact with attacker-controlled report content (UI:R). There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; a vendor patch is available per the MSRC advisory.

XSS Power Bi Report Server
NVD
CVSS 3.1
8.0
EPSS
0.5%
CVE-2026-50649 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft .NET 8.0 and 9.0 (and bundled Visual Studio 2022/2026 toolchains) arises from unsafe deserialization of untrusted data (CWE-502), letting an unprivileged local attacker run arbitrary code in the context of the targeted process once a user is lured into opening or processing a malicious serialized payload. The CVSS 3.1 base score is 7.8 with high impact to confidentiality, integrity, and availability, but the vector (AV:L/UI:R) confines it to local attacks that require user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Deserialization Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 Microsoft Visual Studio 2022 Version 17 14 +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
Page 1 of 12 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy