Monthly
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Memory corruption in Qualcomm Snapdragon allows local authenticated attackers with low privileges to achieve arbitrary code execution and full system compromise. The vulnerability triggers when malicious drivers invoke specific IOCTLs with intentionally malformed input/output buffers, bypassing buffer validation checks. EPSS and KEV status not available at time of analysis; advisory references May 2026 bulletin suggesting pre-disclosure analysis.
Memory corruption in Qualcomm Snapdragon camera subsystem allows local authenticated users to execute arbitrary code with high privileges through crafted input/output control (ioctl) calls targeting camera sensor interfaces with malformed output buffers. CVSS score of 7.8 reflects local attack vector requiring low-privilege account access. No EPSS data or KEV listing at time of analysis, suggesting exploitation has not been publicly observed. Qualcomm security bulletin scheduled for May 2026 indicates vendor-coordinated disclosure with patches expected in that timeframe.
Microsoft Office Word untrusted pointer dereference (CWE-822) enables local code execution with high impact across Microsoft 365 Apps for Enterprise and Office LTSC 2021/2024 editions (Windows and macOS). The vulnerability requires local access but no privileges or user interaction (CVSS:3.1/AV:L/AC:L/PR:N/UI:N), allowing unauthenticated local attackers to achieve full system compromise. Vendor-released patch available per Microsoft Security Response Center advisory. No public exploit identified at time of analysis. SSVC assessment indicates no confirmed exploitation, non-automatable attack, but total technical impact (full control).
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host enables authenticated local attackers to elevate privileges to SYSTEM level across all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. The vulnerability (CWE-822) requires low-privilege authenticated access and minimal attack complexity (CVSS 7.8, AV:L/AC:L/PR:L). No public exploit identified at time of analysis. Microsoft released patches for all affected versions including
Local privilege escalation in Windows Universal Plug and Play Device Host service affects all supported Windows 10, Windows 11, and Windows Server versions via untrusted pointer dereference (CWE-822). Low-complexity attack requires low-level authenticated access (PR:L) with no user interaction, enabling complete system compromise (C:H/I:H/A:H). Microsoft released patches in May 2025 for 21 affected product versions. No public exploit identified at time of analysis, though the local attack vector
Remote code execution in Microsoft SQL Server 2022 (GDR) allows authenticated network attackers to execute arbitrary code with high confidentiality, integrity, and availability impact via untrusted pointer dereference. The vulnerability affects SQL Server 2022 (GDR) versions below 16.0.1175.1, requires low-privilege authenticated access (PR:L), and has low attack complexity (AC:L), making it straightforward to exploit once network access is obtained. Vendor-released patch available (version 16.0.1175.1). No public exploit identified at time of analysis, though the network attack vector and low complexity suggest moderate near-term exploitation risk.
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Memory corruption in Qualcomm Snapdragon allows local authenticated attackers with low privileges to achieve arbitrary code execution and full system compromise. The vulnerability triggers when malicious drivers invoke specific IOCTLs with intentionally malformed input/output buffers, bypassing buffer validation checks. EPSS and KEV status not available at time of analysis; advisory references May 2026 bulletin suggesting pre-disclosure analysis.
Memory corruption in Qualcomm Snapdragon camera subsystem allows local authenticated users to execute arbitrary code with high privileges through crafted input/output control (ioctl) calls targeting camera sensor interfaces with malformed output buffers. CVSS score of 7.8 reflects local attack vector requiring low-privilege account access. No EPSS data or KEV listing at time of analysis, suggesting exploitation has not been publicly observed. Qualcomm security bulletin scheduled for May 2026 indicates vendor-coordinated disclosure with patches expected in that timeframe.
Microsoft Office Word untrusted pointer dereference (CWE-822) enables local code execution with high impact across Microsoft 365 Apps for Enterprise and Office LTSC 2021/2024 editions (Windows and macOS). The vulnerability requires local access but no privileges or user interaction (CVSS:3.1/AV:L/AC:L/PR:N/UI:N), allowing unauthenticated local attackers to achieve full system compromise. Vendor-released patch available per Microsoft Security Response Center advisory. No public exploit identified at time of analysis. SSVC assessment indicates no confirmed exploitation, non-automatable attack, but total technical impact (full control).
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host enables authenticated local attackers to elevate privileges to SYSTEM level across all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. The vulnerability (CWE-822) requires low-privilege authenticated access and minimal attack complexity (CVSS 7.8, AV:L/AC:L/PR:L). No public exploit identified at time of analysis. Microsoft released patches for all affected versions including
Local privilege escalation in Windows Universal Plug and Play Device Host service affects all supported Windows 10, Windows 11, and Windows Server versions via untrusted pointer dereference (CWE-822). Low-complexity attack requires low-level authenticated access (PR:L) with no user interaction, enabling complete system compromise (C:H/I:H/A:H). Microsoft released patches in May 2025 for 21 affected product versions. No public exploit identified at time of analysis, though the local attack vector
Remote code execution in Microsoft SQL Server 2022 (GDR) allows authenticated network attackers to execute arbitrary code with high confidentiality, integrity, and availability impact via untrusted pointer dereference. The vulnerability affects SQL Server 2022 (GDR) versions below 16.0.1175.1, requires low-privilege authenticated access (PR:L), and has low attack complexity (AC:L), making it straightforward to exploit once network access is obtained. Vendor-released patch available (version 16.0.1175.1). No public exploit identified at time of analysis, though the network attack vector and low complexity suggest moderate near-term exploitation risk.