Monthly
Arbitrary physical memory read/write in the ASUS System Control Interface (v3 and legacy) and ASUS Business Manager driver allows a local administrator to issue crafted IOCTL requests that bypass OS-enforced memory protections, per an ASUS-published advisory. The flaw (CWE-822, Untrusted Pointer Dereference) turns the signed ASUS driver into a read/write primitive over physical memory, enabling privilege escalation from admin to kernel and potential defense evasion. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; EPSS was not provided.
Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a victim into opening a maliciously crafted file that triggers an untrusted pointer dereference (CWE-822). The flaw is local and file-based, requiring user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation yields full impact on confidentiality, integrity, and availability limited to the privileges of the user running Bridge.
Arbitrary local code execution in Microsoft Office Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the Office for Mac editions, and Office Online Server) lets an attacker run code in the current user's context when a victim opens a maliciously crafted spreadsheet. The flaw is an untrusted pointer dereference (CWE-822) triggered during file parsing; it requires user interaction but no prior privileges. No public exploit is identified at time of analysis, and a vendor patch is available from Microsoft (MSRC).
Untrusted pointer dereference (CWE-822) in Microsoft Excel allows a local attacker to disclose sensitive memory contents when a victim opens a specially crafted workbook. The flaw affects a broad swath of Microsoft Office product lines - from Excel 2016 through Office LTSC 2024 and their Mac counterparts - as confirmed by CPE enumeration. No public exploit code or active exploitation has been identified at time of analysis; SSVC rates exploitation as none and technical impact as partial, placing this in the moderate real-world priority tier despite the C:H CVSS rating.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local privilege escalation in the Microsoft Windows USB Hub Driver allows an authenticated low-privileged user to elevate to SYSTEM by triggering an untrusted pointer dereference (CWE-822), affecting Windows 10 (1809/21H2/22H2) and Windows Server 2019 through 2025. Successful exploitation yields full confidentiality, integrity, and availability impact on the local host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but Microsoft has released a patch.
Denial of service in the Windows Domain Controller role on Windows Server 2025 (including Server Core) and Windows 11 24H2/25H2/26H1 lets a remote, unauthenticated attacker crash or hang authentication services by triggering an untrusted pointer dereference over the network. Because the CVSS vector is PR:N/UI:N with A:H and no confidentiality or integrity impact, a single crafted network exchange can disrupt directory and logon services domain-wide without credentials. No public exploit identified at time of analysis, and it is not on CISA KEV; Microsoft has released a patch.
Local privilege escalation in Microsoft Windows Resilient File System (ReFS) lets an authenticated local attacker gain elevated (SYSTEM-level) privileges by triggering an untrusted pointer dereference in the ReFS driver. It affects a broad range of Windows 10, Windows 11, and Windows Server 2016-2025 builds. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is currently patch-and-move rather than emergency.
Local code execution in the Windows DirectX graphics component (CVE-2026-50382) lets an already-authenticated user run arbitrary code and, because the CVSS scope is Changed, break out of the calling security context to compromise the wider system. It affects a broad range of Windows client and server builds from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. Microsoft has issued a patch; there is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Privilege elevation in Microsoft Edge (Chromium-based) lets a network attacker escalate privileges by luring a victim into loading crafted web content that triggers an untrusted pointer dereference (CWE-822). Microsoft rates it CVSS 8.3, driven by a scope change (sandbox/boundary crossing) and full confidentiality, integrity, and availability impact, but exploitation requires user interaction and is of high attack complexity. No public exploit identified at time of analysis (E:U), it is not on CISA KEV, and an official vendor fix is available.
Arbitrary physical memory read/write in the ASUS System Control Interface (v3 and legacy) and ASUS Business Manager driver allows a local administrator to issue crafted IOCTL requests that bypass OS-enforced memory protections, per an ASUS-published advisory. The flaw (CWE-822, Untrusted Pointer Dereference) turns the signed ASUS driver into a read/write primitive over physical memory, enabling privilege escalation from admin to kernel and potential defense evasion. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; EPSS was not provided.
Arbitrary code execution in Adobe Bridge allows an attacker to run code in the context of the current user by tricking a victim into opening a maliciously crafted file that triggers an untrusted pointer dereference (CWE-822). The flaw is local and file-based, requiring user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation yields full impact on confidentiality, integrity, and availability limited to the privileges of the user running Bridge.
Arbitrary local code execution in Microsoft Office Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the Office for Mac editions, and Office Online Server) lets an attacker run code in the current user's context when a victim opens a maliciously crafted spreadsheet. The flaw is an untrusted pointer dereference (CWE-822) triggered during file parsing; it requires user interaction but no prior privileges. No public exploit is identified at time of analysis, and a vendor patch is available from Microsoft (MSRC).
Untrusted pointer dereference (CWE-822) in Microsoft Excel allows a local attacker to disclose sensitive memory contents when a victim opens a specially crafted workbook. The flaw affects a broad swath of Microsoft Office product lines - from Excel 2016 through Office LTSC 2024 and their Mac counterparts - as confirmed by CPE enumeration. No public exploit code or active exploitation has been identified at time of analysis; SSVC rates exploitation as none and technical impact as partial, placing this in the moderate real-world priority tier despite the C:H CVSS rating.
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
Local privilege escalation in the Microsoft Windows USB Hub Driver allows an authenticated low-privileged user to elevate to SYSTEM by triggering an untrusted pointer dereference (CWE-822), affecting Windows 10 (1809/21H2/22H2) and Windows Server 2019 through 2025. Successful exploitation yields full confidentiality, integrity, and availability impact on the local host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but Microsoft has released a patch.
Denial of service in the Windows Domain Controller role on Windows Server 2025 (including Server Core) and Windows 11 24H2/25H2/26H1 lets a remote, unauthenticated attacker crash or hang authentication services by triggering an untrusted pointer dereference over the network. Because the CVSS vector is PR:N/UI:N with A:H and no confidentiality or integrity impact, a single crafted network exchange can disrupt directory and logon services domain-wide without credentials. No public exploit identified at time of analysis, and it is not on CISA KEV; Microsoft has released a patch.
Local privilege escalation in Microsoft Windows Resilient File System (ReFS) lets an authenticated local attacker gain elevated (SYSTEM-level) privileges by triggering an untrusted pointer dereference in the ReFS driver. It affects a broad range of Windows 10, Windows 11, and Windows Server 2016-2025 builds. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, so risk is currently patch-and-move rather than emergency.
Local code execution in the Windows DirectX graphics component (CVE-2026-50382) lets an already-authenticated user run arbitrary code and, because the CVSS scope is Changed, break out of the calling security context to compromise the wider system. It affects a broad range of Windows client and server builds from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. Microsoft has issued a patch; there is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Privilege elevation in Microsoft Edge (Chromium-based) lets a network attacker escalate privileges by luring a victim into loading crafted web content that triggers an untrusted pointer dereference (CWE-822). Microsoft rates it CVSS 8.3, driven by a scope change (sandbox/boundary crossing) and full confidentiality, integrity, and availability impact, but exploitation requires user interaction and is of high attack complexity. No public exploit identified at time of analysis (E:U), it is not on CISA KEV, and an official vendor fix is available.