Monthly
Remote code execution in the Microsoft Windows Event Logging Service allows an authenticated attacker with low privileges to execute code over a network after enticing a user into an interaction (UI:R), due to insufficient granularity of access control (CWE-1220). The flaw affects a broad range of Windows client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Local privilege escalation in the Windows Filtering Platform (WFP) lets an authenticated low-privileged user gain higher privileges on affected Windows 10, Windows 11, and Windows Server systems (Server 2012 through Server 2025). Rooted in insufficient access-control granularity (CWE-1220), a local attacker with a valid session can manipulate WFP to reach SYSTEM-level access. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft rates the confidentiality, integrity, and availability impact as High.
Local privilege escalation in Microsoft Surface devices (Go, Hub, Laptop Go/Go 3, Pro/Pro 8, Laptop 4 AMD/Intel, Windows Dev Kit) allows an authenticated low-privileged user to gain higher privileges through insufficiently granular access control (CWE-1220) in the device firmware/platform layer. The flaw carries a CVSS 7.8 (High) with full confidentiality, integrity, and availability impact once exploited, but requires prior local access. No public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has released a fix via MSRC.
Local privilege escalation in Microsoft Active Directory Federation Services (AD FS) lets an already-authenticated low-privileged user on the host gain higher privileges due to insufficient granularity of access control (CWE-1220). Affected deployments span AD FS on Windows Server 2012 through Windows Server 2025, and the flaw carries a CVSS 7.8 with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a patch-priority-driven rather than exploitation-driven risk.
Local privilege escalation in Microsoft Exchange Server (2016 CU23, 2019 CU14/CU15, and Subscription Edition RTM) allows an authenticated attacker with low-level privileges on the server to elevate to higher privileges due to insufficiently granular access controls (CWE-1220). The CVSS 3.1 score of 7.8 (AV:L/AC:L/PR:L) reflects local exploitation yielding full confidentiality, integrity, and availability impact. A vendor patch is available; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Local privilege escalation in the Windows StateRepository API lets an already-authenticated low-privileged user gain higher (typically SYSTEM-level) privileges due to insufficiently granular access control (CWE-1220). It affects a broad range of currently supported Windows client and server builds (Windows 10 1809 through Windows 11 26H1, and Windows Server 2019/2022/2025). The flaw was reported by Microsoft, a vendor patch is available, and there is no public exploit identified at time of analysis (not listed in CISA KEV).
Unauthorized child group disclosure in Red Hat Build of Keycloak's Fine-Grained Admin Permissions v2 (FGAP v2) exposes group names, paths, and custom attributes to delegated administrators who lack direct authorization over those child groups. When FGAP v2 is enabled and a delegated admin queries child groups through a parent group endpoint, the system omits the required per-permission filter, returning records that should be outside the caller's scope. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, placing it in the category of a low-severity information disclosure risk that is nonetheless significant in multi-tenant IAM environments where group attribute confidentiality matters.
Information disclosure in Red Hat Build of Keycloak's group members endpoint allows a highly privileged but delegated administrator to bypass explicitly configured user profile attribute access controls. An administrator granted only delegated read access to group memberships and user data can invoke the group members API endpoint to retrieve user attributes that have been administratively denied to that role, circumventing the intended granularity of access control. No active exploitation has been confirmed (not in CISA KEV), no public exploit code has been identified, and the CVSS score of 2.7 (Low) reflects the high privilege prerequisite and limited confidentiality impact.
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures. Rated high severity (CVSS 7.1). No vendor patch available.
Broken access control in Keycloak's Account Resources user lookup endpoint exposes full PII profiles of all realm users to any authenticated user who owns at least one User-Managed Access (UMA) resource. By sending crafted requests with arbitrary usernames or email values to this endpoint, the attacker receives complete profile objects for unrelated realm members - bypassing the intended per-user data isolation. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog, but the low attack complexity and minimal privilege requirement (any UMA resource owner) make it a meaningful insider-threat and tenant-isolation risk in shared Keycloak deployments.
Remote code execution in the Microsoft Windows Event Logging Service allows an authenticated attacker with low privileges to execute code over a network after enticing a user into an interaction (UI:R), due to insufficient granularity of access control (CWE-1220). The flaw affects a broad range of Windows client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Local privilege escalation in the Windows Filtering Platform (WFP) lets an authenticated low-privileged user gain higher privileges on affected Windows 10, Windows 11, and Windows Server systems (Server 2012 through Server 2025). Rooted in insufficient access-control granularity (CWE-1220), a local attacker with a valid session can manipulate WFP to reach SYSTEM-level access. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft rates the confidentiality, integrity, and availability impact as High.
Local privilege escalation in Microsoft Surface devices (Go, Hub, Laptop Go/Go 3, Pro/Pro 8, Laptop 4 AMD/Intel, Windows Dev Kit) allows an authenticated low-privileged user to gain higher privileges through insufficiently granular access control (CWE-1220) in the device firmware/platform layer. The flaw carries a CVSS 7.8 (High) with full confidentiality, integrity, and availability impact once exploited, but requires prior local access. No public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft has released a fix via MSRC.
Local privilege escalation in Microsoft Active Directory Federation Services (AD FS) lets an already-authenticated low-privileged user on the host gain higher privileges due to insufficient granularity of access control (CWE-1220). Affected deployments span AD FS on Windows Server 2012 through Windows Server 2025, and the flaw carries a CVSS 7.8 with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a patch-priority-driven rather than exploitation-driven risk.
Local privilege escalation in Microsoft Exchange Server (2016 CU23, 2019 CU14/CU15, and Subscription Edition RTM) allows an authenticated attacker with low-level privileges on the server to elevate to higher privileges due to insufficiently granular access controls (CWE-1220). The CVSS 3.1 score of 7.8 (AV:L/AC:L/PR:L) reflects local exploitation yielding full confidentiality, integrity, and availability impact. A vendor patch is available; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Local privilege escalation in the Windows StateRepository API lets an already-authenticated low-privileged user gain higher (typically SYSTEM-level) privileges due to insufficiently granular access control (CWE-1220). It affects a broad range of currently supported Windows client and server builds (Windows 10 1809 through Windows 11 26H1, and Windows Server 2019/2022/2025). The flaw was reported by Microsoft, a vendor patch is available, and there is no public exploit identified at time of analysis (not listed in CISA KEV).
Unauthorized child group disclosure in Red Hat Build of Keycloak's Fine-Grained Admin Permissions v2 (FGAP v2) exposes group names, paths, and custom attributes to delegated administrators who lack direct authorization over those child groups. When FGAP v2 is enabled and a delegated admin queries child groups through a parent group endpoint, the system omits the required per-permission filter, returning records that should be outside the caller's scope. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, placing it in the category of a low-severity information disclosure risk that is nonetheless significant in multi-tenant IAM environments where group attribute confidentiality matters.
Information disclosure in Red Hat Build of Keycloak's group members endpoint allows a highly privileged but delegated administrator to bypass explicitly configured user profile attribute access controls. An administrator granted only delegated read access to group memberships and user data can invoke the group members API endpoint to retrieve user attributes that have been administratively denied to that role, circumventing the intended granularity of access control. No active exploitation has been confirmed (not in CISA KEV), no public exploit code has been identified, and the CVSS score of 2.7 (Low) reflects the high privilege prerequisite and limited confidentiality impact.
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures. Rated high severity (CVSS 7.1). No vendor patch available.
Broken access control in Keycloak's Account Resources user lookup endpoint exposes full PII profiles of all realm users to any authenticated user who owns at least one User-Managed Access (UMA) resource. By sending crafted requests with arbitrary usernames or email values to this endpoint, the attacker receives complete profile objects for unrelated realm members - bypassing the intended per-user data isolation. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog, but the low attack complexity and minimal privilege requirement (any UMA resource owner) make it a meaningful insider-threat and tenant-isolation risk in shared Keycloak deployments.