Monthly
CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.
Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a maliciously crafted file, allowing an attacker to run code in the context of the current user. The flaw is local and requires user interaction, carrying a CVSS 7.8 (High) score. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Remote code execution in the Microsoft Windows Remote Desktop (RDP) component allows an unauthenticated attacker to run arbitrary code by triggering an integer overflow, but only when a victim is convinced to interact (per CVSS UI:R) - most consistent with a malicious RDP server coercing a connecting client. The flaw affects a broad range of supported Windows client and server releases from Windows Server 2012/Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS data was not provided.
Local privilege escalation in the Microsoft Windows Kernel allows an authenticated attacker to elevate to SYSTEM by triggering an integer overflow (CWE-190) in a kernel code path. The flaw affects a broad range of supported Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2012 through Server 2025). Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and no EPSS or KEV data supplied.
Privilege escalation in the Windows Remote Access Service (RRAS) Infrastructure allows an authenticated attacker to elevate privileges over the network by triggering an integer overflow (CWE-190) in affected code paths. The flaw affects a broad range of Windows 10, Windows 11, and Windows Server releases (2012 R2 through 2025), and Microsoft has released a patch. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the network-reachable EoP profile with only low privileges required makes it a meaningful patch priority.
Local code execution in Microsoft Windows Terminal (shipped on Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, and Windows Server 2022/2025) arises from an integer overflow (CWE-190) that an unauthorized attacker can trigger, but only after luring a logged-on user into interacting with malicious content. There is no public exploit identified at time of analysis and the flaw is not in CISA KEV, so this is a defense-in-depth patch rather than an emergency, though the CVSS 7.8 reflects full confidentiality, integrity, and availability impact once triggered. Microsoft has released a patch via the MSRC update guide.
Local privilege escalation in the Windows NTFS file system driver allows an authenticated low-privileged user to gain SYSTEM-level rights by triggering an integer overflow (CWE-190) during filesystem processing. It affects a broad range of supported Windows client and server releases, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; a vendor patch is available from Microsoft.
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Word (and Office/SharePoint components that render Word content) stems from an integer overflow in the file-parsing path, letting an attacker who convinces a victim to open a crafted document run arbitrary code with the victim's privileges. It affects a broad Office footprint including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, the macOS editions, and SharePoint Server 2016/2019/Subscription Edition. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the 7.8 CVSS and Word's ubiquity make it a routine priority patch.
Local code execution in Microsoft Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS Office builds, and Office Online Server) arises from an integer overflow (CWE-190) triggered when the application parses a maliciously crafted spreadsheet. An unauthorized attacker who convinces a victim to open a booby-trapped file can run arbitrary code in the context of the current user, with full confidentiality, integrity, and availability impact per the 7.8 CVSS vector. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
CAI Content Credentials is affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.
Arbitrary code execution in Adobe Bridge arises from an integer overflow (CWE-190) triggered when a victim opens a maliciously crafted file, allowing an attacker to run code in the context of the current user. The flaw is local and requires user interaction, carrying a CVSS 7.8 (High) score. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Remote code execution in the Microsoft Windows Remote Desktop (RDP) component allows an unauthenticated attacker to run arbitrary code by triggering an integer overflow, but only when a victim is convinced to interact (per CVSS UI:R) - most consistent with a malicious RDP server coercing a connecting client. The flaw affects a broad range of supported Windows client and server releases from Windows Server 2012/Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; EPSS data was not provided.
Local privilege escalation in the Microsoft Windows Kernel allows an authenticated attacker to elevate to SYSTEM by triggering an integer overflow (CWE-190) in a kernel code path. The flaw affects a broad range of supported Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2012 through Server 2025). Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and no EPSS or KEV data supplied.
Privilege escalation in the Windows Remote Access Service (RRAS) Infrastructure allows an authenticated attacker to elevate privileges over the network by triggering an integer overflow (CWE-190) in affected code paths. The flaw affects a broad range of Windows 10, Windows 11, and Windows Server releases (2012 R2 through 2025), and Microsoft has released a patch. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the network-reachable EoP profile with only low privileges required makes it a meaningful patch priority.
Local code execution in Microsoft Windows Terminal (shipped on Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, and Windows Server 2022/2025) arises from an integer overflow (CWE-190) that an unauthorized attacker can trigger, but only after luring a logged-on user into interacting with malicious content. There is no public exploit identified at time of analysis and the flaw is not in CISA KEV, so this is a defense-in-depth patch rather than an emergency, though the CVSS 7.8 reflects full confidentiality, integrity, and availability impact once triggered. Microsoft has released a patch via the MSRC update guide.
Local privilege escalation in the Windows NTFS file system driver allows an authenticated low-privileged user to gain SYSTEM-level rights by triggering an integer overflow (CWE-190) during filesystem processing. It affects a broad range of supported Windows client and server releases, from Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; a vendor patch is available from Microsoft.
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
Local code execution in Microsoft Word (and Office/SharePoint components that render Word content) stems from an integer overflow in the file-parsing path, letting an attacker who convinces a victim to open a crafted document run arbitrary code with the victim's privileges. It affects a broad Office footprint including Microsoft 365 Apps, Office 2019, Office LTSC 2021/2024, the macOS editions, and SharePoint Server 2016/2019/Subscription Edition. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the 7.8 CVSS and Word's ubiquity make it a routine priority patch.
Local code execution in Microsoft Excel (spanning Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, Office LTSC 2021/2024, the macOS Office builds, and Office Online Server) arises from an integer overflow (CWE-190) triggered when the application parses a maliciously crafted spreadsheet. An unauthorized attacker who convinces a victim to open a booby-trapped file can run arbitrary code in the context of the current user, with full confidentiality, integrity, and availability impact per the 7.8 CVSS vector. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.