128
Open CVEs
0
Exploited
0
KEV
0
Unpatched
0
No Workaround
29
Internet-facing
Why this provider is risky now
This provider has 128 open CVE(s) in the last 14 days. 29 affect internet-facing services. 9 impact the management/identity plane.
9 Mgmt / Admin Plane
29 Internet-facing
Top Risky CVEs
CVE-2026-26167
This Week
Local privilege escalation in Windows Push Notifications across Windows 10/11 and Server 2016-2025 allows low-privileged authenticated users to gain SYSTEM-level access via race condition exploitation. The vulnerability affects all currently supported Windows versions with confirmed vendor patches available. Attack complexity is low with no user interaction required, enabling straightforward exploitation once local access is obtained. The scope change (S:C) indicates the attacker can impact reso
Within 24 hours: Inventory all Windows 10, 11, and Server 2016-2025 systems in your environment and confirm current patch levels. Within 7 days: Apply vendor-released security updates to all affected systems-prioritize domain controllers, privileged access workstations, and systems handling sensitive data. Within 30 days: Complete remediation across all remaining Windows systems; verify patch installation via Windows Update history or WSUS reporting.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
8.8
CVSS
0.1%
EPSS
49
Priority
CVE-2026-33824
Act Now
Remote code execution vulnerability in Windows IKE Extension affects Windows 10/11 and Windows Server 2016-2025 via double-free memory corruption (CWE-415). Unauthenticated remote attackers can exploit this over the network with low complexity to achieve complete system compromise (CVSS 9.8). Vendor-released patches are available per Microsoft's security update guide. No public exploit identified at time of analysis, but the critical CVSS score and network attack vector indicate high real-world
Within 24 hours: Verify all Windows 10, 11, and Server 2016-2025 systems in the environment and confirm patch availability status from Microsoft security updates. Within 7 days: Deploy the vendor-released patch across all affected systems, prioritizing internet-facing and critical infrastructure servers. Within 30 days: Complete patch deployment across the entire Windows estate and validate remediation through vulnerability scanning.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing technique: authentication-bypass
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Microsoft Windows (Operating Systems)
9.8
CVSS
0.1%
EPSS
49
Priority
CVE-2025-65115
This Week
Remote code execution in Hitachi's JP1/IT Desktop Management suite allows authenticated network attackers to execute arbitrary code on Windows systems running Manager, Operations Director, and Client components. Affects multiple product generations spanning versions 9.x through 13.x across nine distinct product lines. CVSS score of 8.8 reflects network-accessible attack surface with low complexity requiring only low-privilege authentication. No public exploit identified at time of analysis, though CWE-73 (external control of file name or path) indicates potential for path traversal-based exploitation. Hitachi has released patches addressing versions 13-50-02, 13-11-04, 13-10-07, 13-01-07, 13-00-05, and 12-60-12 for actively supported products.
Within 24 hours: Identify all systems running Hitachi JP1/IT Desktop Management suite versions 9.x-13.x (Manager, Operations Director, Client components) and document current installed versions. Within 7 days: Apply vendor-released patches to versions 13-50-02, 13-11-04, 13-10-07, 13-01-07, 13-00-05, and 12-60-12 per Hitachi advisory; prioritize versions 13.x first. Within 30 days: Complete patch deployment across all affected product lines, verify patching in staging environment before production rollout, and conduct post-patch validation testing.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Internet-facing technique: rce
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
8.8
CVSS
0.1%
EPSS
44
Priority
CVE-2026-26163
This Week
Windows Kernel double free vulnerability enables local privilege escalation across Windows 10, 11, and Server editions when exploited by authenticated users with low-level privileges. The CWE-415 flaw affects all currently supported Windows versions from legacy Windows Server 2012 R2 through the latest Windows 11 26H1 and Windows Server 2025 builds. With CVSS 7.8 (AV:L/AC:L/PR:L), the vulnerability requires only local access and low-privilege authentication, making it valuable for second-stage a
Within 24 hours: Verify patch availability from Microsoft and prioritize inventory of affected systems (Windows 10, 11, Server 2012 R2-2025). Within 7 days: Deploy vendor-released patch to all production Windows systems, prioritizing servers and high-value endpoints; test patch in non-production environment first. Within 30 days: Achieve 100% patch coverage across the organization and validate remediation via security scanning; review and strengthen controls on local account privilege escalation and lateral movement detection.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
7.8
CVSS
0.1%
EPSS
44
Priority
CVE-2026-26179
This Week
Local privilege escalation in the Windows Kernel via double free vulnerability enables low-privileged authenticated users to gain SYSTEM-level access across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025. The vulnerability requires local access and low privileges (PR:L) but presents low attack complexity (AC:L) with no user interaction required. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the straightforward attack complexity and severe impact make this a priority for patching in enterprise environments.
Within 24 hours: Identify all Windows 11 and Windows Server 2022/2025 systems in your environment and confirm current patch levels. Within 7 days: Deploy vendor-released patches to all affected systems beginning with critical infrastructure and servers handling sensitive data; prioritize Windows Server systems in production environments. Within 30 days: Achieve 100% patch coverage across all Windows 11 and Windows Server 2022/2025 deployments and validate remediation through configuration management tools.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
7.8
CVSS
0.1%
EPSS
44
Priority
CVE-2026-26180
This Week
Heap-based buffer overflow in the Windows Kernel enables local privilege escalation to SYSTEM on Windows 10 (versions 1607 through 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server (2012 through 2025). Authenticated local attackers with low privileges can exploit this memory corruption vulnerability to gain complete system control. Microsoft has released patches addressing 21 affected product versions. No public exploit identified at time of analysis, though the local attack vec
Within 24 hours: Identify all affected Windows 10 (1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2012-2025) systems in your environment. Within 7 days: Deploy Microsoft's released security patch to all affected devices via Windows Update or WSUS; prioritize domain controllers, administrative workstations, and servers hosting sensitive data. Within 30 days: Complete patch deployment across all remaining systems and verify remediation through vulnerability scanning.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
7.8
CVSS
0.1%
EPSS
44
Priority
CVE-2026-27914
This Week
Microsoft Management Console privilege escalation affects all supported Windows versions (10, 11, Server 2012-2025) via improper access control, allowing authenticated local users to gain SYSTEM-level privileges. CVSS 7.8 (High) reflects significant impact with low attack complexity requiring only low-level user credentials. Vendor-released patches available across all affected platforms through Microsoft's May 2025 update cycle. No public exploit identified at time of analysis, though the authe
Within 24 hours: Inventory all Windows 10, 11, and Server 2012-2025 systems and verify patch deployment status through WSUS or endpoint management tools. Within 7 days: Deploy Microsoft's May 2025 security updates to all affected systems, prioritizing domain-joined workstations and servers with administrative sensitivity. Within 30 days: Confirm 100% patch compliance through automated reporting and validate successful installation via vulnerability scanning.
Edge exposure
ICT dependency
Management plane
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Internet-facing technique: authentication-bypass
- • Third-party ICT: Microsoft Windows
- • Management plane (Improper Access Control)
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
- • Authentication / access control weakness
7.8
CVSS
0.1%
EPSS
44
Priority
CVE-2026-26172
This Week
Local privilege escalation in Windows Push Notifications service affects Windows 10 21H2/22H2, Windows 11 22H3-26H1, and Windows Server 2022/2025 via race condition vulnerability. Authenticated low-privilege attackers can gain SYSTEM-level privileges through improper synchronization during concurrent operations (CWE-362). CVSS 7.8 (High) with high attack complexity (AC:H) and scope change (S:C). No public exploit identified at time of analysis. Microsoft released patches in January 2026 security
Within 24 hours: Identify all systems running Windows 10 21H2/22H2, Windows 11 22H3-26H1, and Windows Server 2022/2025 using asset management tools. Within 7 days: Deploy Microsoft's January 2026 security updates to all affected systems through your patch management system; prioritize domain-joined workstations and servers with elevated access. Within 30 days: Verify 100% patch compliance through vulnerability scanning and validate successful updates across all asset classes.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
7.8
CVSS
0.0%
EPSS
44
Priority
CVE-2026-27910
This Week
Windows Installer privilege escalation via improper permission handling enables authenticated local users to gain SYSTEM-level access across all supported Windows 10, 11, and Server platforms (2012-2025). The vulnerability (CWE-280: Improper Handling of Insufficient Privileges) requires low-privilege local access but offers complete system compromise with low attack complexity. CVSS 7.8 High severity reflects full confidentiality, integrity, and availability impact. Vendor-released patches are a
Within 24 hours: Inventory all affected Windows 10, 11, and Server 2012-2025 systems and prioritize patching for systems with multiple local user accounts or contractor access. Within 7 days: Deploy vendor-released patches across all affected platforms; verify patch application through WSUS or endpoint management tools. Within 30 days: Complete full remediation across the organization and validate patch compliance via automated scanning.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
7.8
CVSS
0.0%
EPSS
44
Priority
CVE-2026-32158
This Week
Privilege escalation in Windows Push Notifications service across Windows 10, 11, and Server versions (1809 through 26H1) allows low-privileged local attackers to gain SYSTEM-level access via race condition exploitation. The vulnerability stems from improper synchronization when multiple threads access shared resources in the notification framework, enabling scope escape from user context to elevated privileges. Vendor-released patches are available for all affected versions. No public exploit i
Within 24 hours: identify all Windows 10, 11, and Server 2019/2022 systems (versions 1809-26H1) in your environment using endpoint management tools. Within 7 days: apply vendor-released patches to all affected systems, prioritizing domain controllers, privileged access workstations, and systems with sensitive data access. Within 30 days: validate patch deployment across 100% of inventory and enable Windows Update for automatic delivery of future critical patches.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Microsoft Windows
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Microsoft Windows (Operating Systems)
7.8
CVSS
0.0%
EPSS
44
Priority
By Exposure
Internet-facing
29
Mgmt / Admin Plane
9
Identity / Auth
4
Internal only
98
By Exploitability
Known exploited
0
Public PoC
0
High EPSS (>30%)
0
Remote unauthenticated
13
Local only
105
By Remediation
Patch available
128
No patch
0
Workaround available
83
No workaround
0
Affected Services / Product Families
Windows Server 2025
121 CVE(s)
+ 111 more
Windows Server 2022
114 CVE(s)
+ 104 more
Windows Server 2019
104 CVE(s)
+ 94 more
Windows Server 2016
85 CVE(s)
+ 75 more
Windows Server 2012
56 CVE(s)
+ 46 more