Skip to main content

Denial Of Service

36438 CVEs technique

Monthly

CVE-2026-50359 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft XML Core Services (MSXML) lets a low-privileged, authorized attacker on a Windows host reclaim a freed object (use-after-free, CWE-416) to run code at elevated privilege. It affects a broad Windows footprint spanning Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025, including Server Core installations. Microsoft reported the flaw, a patch is available, and there is no public exploit identified at time of analysis; CISA SSVC currently rates exploitation as none.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2026-54131 HIGH PATCH Exploit Unlikely This Week

Arbitrary code execution in Microsoft Office Excel arises from a use-after-free (CWE-416) memory-corruption flaw affecting Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server. The CVSS 3.1 vector (AV:L/UI:R) makes this a user-interaction-dependent, locally-scoped issue: a victim must open a maliciously crafted Excel workbook, after which the attacker gains code execution in the user's security context. No public exploit is identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55128 HIGH PATCH This Week

Local code execution in Microsoft Office Word (CWE-416 use-after-free) allows an unauthorized attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted document. The flaw affects a broad Office footprint including Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024 (Windows and Mac), and related SharePoint Server products that process Word documents. Microsoft has released a patch; no public exploit has been identified at time of analysis, and neither KEV nor EPSS/POC signals were provided in the input.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55032 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word (across Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, and Word 2016) allows an attacker to run arbitrary code by exploiting a use-after-free memory corruption flaw when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 with a local attack vector requiring user interaction; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. Microsoft, which reported the issue itself, has released a patch.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-55018 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) stems from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted document. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, exploitation requires user interaction but no prior authentication, letting an attacker run arbitrary code in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix, so patching should be prioritized during the normal Patch Tuesday cycle.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50467 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and Office for Mac 2021/2024) arises from a use-after-free memory corruption flaw that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation runs arbitrary code in the context of the current user, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; Microsoft has published a patch via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50314 HIGH PATCH NEWS Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and the macOS editions) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an attacker run arbitrary code in the context of the current user after the victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, and requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-47642 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Excel (across Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a use-after-free (CWE-416) memory-corruption flaw triggered when a user opens a maliciously crafted spreadsheet. The CVSS vector (AV:L/AC:L/PR:N/UI:R) indicates an unauthenticated attacker can achieve full confidentiality, integrity, and availability impact but requires the victim to open a file, making it a classic phishing-delivered client-side bug. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Excel memory-corruption bugs are historically attractive targets.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-47290 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) stems from a use-after-free memory-corruption flaw (CWE-416). An attacker who convinces a user to open a specially crafted Office document can execute arbitrary code in the context of the current user, gaining full confidentiality, integrity, and availability impact. Exploitation requires user interaction (opening a malicious file) and there is no public exploit identified at time of analysis.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +4
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-54128 HIGH POC PATCH NEWS Exploit Likely This Week

Local code execution in the Windows DHCP Client service stems from a use-after-free (CWE-416) memory-corruption flaw affecting a broad range of Windows 10, Windows 11, and Windows Server releases (Server 2012 through Server 2025). Per the CVSS vector an unauthenticated attacker with local access can achieve high-impact code execution with no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch through the MSRC update guide.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2026-50689 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Clipboard Server (Cliprdr/RDP clipboard virtual channel service) affects a broad range of Windows 10, Windows 11, and Windows Server builds (from 1809 through 11 26H1 and Server 2025). An authenticated local attacker who can trigger a use-after-free (CWE-416) in the service can corrupt memory to run code at elevated (SYSTEM-level) privilege. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50687 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated, low-privileged attacker on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 corrupt kernel memory via a use-after-free and gain SYSTEM-level control. The CVSS 3.1 score of 8.8 is elevated by a scope change (S:C), reflecting that kernel compromise crosses the boundary from user context to the OS itself. Microsoft has released a patch; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-50688 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Windows Kernel allows an authenticated attacker to gain SYSTEM-level control by exploiting a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of Windows client and server builds - from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through Server 2025 - and was reported by Microsoft with a patch available. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; the CVSS 3.1 base score is 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2026-50677 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Media (a component shipping in Windows 11 versions 24H2, 25H2, and 26H1) lets an authenticated local attacker execute code at elevated privilege by triggering a use-after-free (CWE-416) memory-corruption condition. Reported by Microsoft with a vendor patch available, it carries CVSS 7.8 (High) and can yield full confidentiality, integrity, and availability compromise of the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50674 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft's Windows USB Print Driver stems from a use-after-free (CWE-416) memory corruption flaw affecting Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. A low-privileged authenticated attacker who can execute code on the host and win a memory-timing race can corrupt kernel memory to gain higher (SYSTEM-level) privileges. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation is not currently observed in the wild.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2026-50673 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an authenticated attacker gain elevated (SYSTEM-level) privileges by triggering a NULL pointer dereference (CWE-476) in kernel-mode code. The flaw affects a broad range of client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Reported by Microsoft with a patch available; no public exploit identified at time of analysis.

Microsoft Denial Of Service Null Pointer Dereference Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50672 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows NTFS (New Technology File System) driver lets an already-authenticated low-privileged user corrupt kernel memory via a use-after-free (CWE-416) and elevate to SYSTEM. The flaw affects a broad Windows client and server matrix (Windows 10 1809 through Windows 11 26H1, Windows Server 2019/2022/2025). It has no public exploit identified at time of analysis and is not on CISA KEV, but as a Microsoft-reported, patched NTFS kernel bug it is a routine patch-priority item on standard Patch Tuesday cycles.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50666 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in the Windows Remote Access Connection Manager (RasMan) service lets an authenticated, low-privileged attacker corrupt memory over the network to gain higher privileges on affected Windows 10, 11, and Server systems. The flaw is a CWE-416 use-after-free carrying a CVSS 8.8 with high impact to confidentiality, integrity, and availability. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +15
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-50647 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Active Directory Federation Services (AD FS) allows an unauthenticated, remote attacker to send crafted network requests that drive a request-handling routine into an infinite loop (CWE-835), exhausting CPU and rendering the federation service unavailable. All supported Windows Server releases hosting the AD FS role are impacted, and because the flaw requires no authentication and no user interaction (CVSS 7.5, AV:N/AC:L/PR:N/UI:N), it can knock out single sign-on for every relying-party application. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a patch-priority availability issue rather than a confirmed active-exploitation event.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +14
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2026-50505 HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Microsoft Windows Message Queuing (MSMQ) service arises from a use-after-free (CWE-416) memory-corruption flaw that an authenticated attacker can trigger across a network to run arbitrary code in the service context. It affects a broad range of supported Windows client and server releases from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025 wherever the MSMQ component is enabled. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft rates it CVSS 7.5 and has released a fix.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-50490 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Installer (msiexec) service across Windows 10, Windows 11, and Windows Server 2012 through 2025 allows an already-authenticated local user to gain higher privileges by triggering a use-after-free memory-corruption condition. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has published a patch. The high CVSS complexity (AC:H) indicates exploitation requires winning a race or meeting specific timing/heap conditions rather than being trivially reliable.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2026-50500 HIGH PATCH This Week

Privilege escalation in the Windows Netlogon service allows an already-authenticated, low-privileged network attacker to elevate to higher privileges by exploiting a use-after-free (CWE-416) memory-corruption condition. The flaw affects a broad range of Windows client and server releases from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025, including Server Core installations. Reported by Microsoft with a vendor patch available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2026-50487 HIGH PATCH Exploit Unlikely This Week

Network-based privilege elevation in Microsoft Windows DNS (Windows 11 24H2/25H2/26H1 and Windows Server 2025) stems from a use-after-free memory corruption condition that an unauthenticated remote attacker can exploit to gain elevated privileges with full confidentiality, integrity, and availability impact. The flaw requires no prior authentication or user interaction (PR:N/UI:N) but carries high attack complexity (AC:H), meaning reliable exploitation depends on winning a race or satisfying a specific memory-state timing window. Microsoft self-reported the issue and has shipped a patch; no public exploit identified at time of analysis and it is not currently listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2026-50486 HIGH PATCH This Week

Elevation of privilege in the Windows Runtime (WinRT) component affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2025, where a use-after-free memory-corruption flaw lets an already-authenticated local user run code at higher privilege. Microsoft has released a patch and reported the issue; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV. Given the CVSS 7.8 (Important) rating and full C/I/A impact, this is a standard local privilege-escalation risk suited for regular patch prioritization rather than emergency response.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +6
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50493 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Graphics Kernel component allows an authenticated attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition. All currently supported Windows client and server builds are affected - from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. No public exploit identified at time of analysis; Microsoft has released a patch, and the CVSS 7.8 (Important) rating reflects high impact but a local-access, low-privilege prerequisite.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50478 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an authenticated attacker who already has low-privileged code execution on a host elevate to SYSTEM by exploiting a use-after-free (CWE-416) memory corruption. It affects a broad range of supported Windows client and server builds - Windows 10 (1809/21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2019/2022/2025 - and Microsoft has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation appears unproven publicly despite the reliably-exploitable nature of kernel UAF flaws.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50459 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel arises from a use-after-free (CWE-416) memory-corruption flaw that lets an attacker running code on the machine gain higher privileges, potentially SYSTEM. It affects a broad range of current Windows client and server builds (Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, Windows Server 2022/2025). No public exploit identified at time of analysis, but the local attack surface and full CIA impact make it a standard Patch-Tuesday-class kernel EoP worth prompt patching.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +7
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2026-50406 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Backup Engine affects Windows 10 (21H2, 22H2) and Windows 11 (24H2, 25H2, 26H1), where a use-after-free (CWE-416) memory-corruption flaw lets an already-authorized local user with low privileges elevate to higher rights. No public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft rates it 7.0 (High), reflecting meaningful impact tempered by high attack complexity. Successful exploitation grants full confidentiality, integrity, and availability impact on the affected host.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2026-50476 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows (Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through 2025) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an already-authenticated local user run code at elevated privilege. The CVSS 3.1 base score is 7.8 with a scope-changed vector, and Microsoft has shipped a fix via MSRC. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, so exploitation is currently theoretical rather than observed.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2026-50458 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Brokering File System affects Windows 11 24H2/25H2/26H1 and Windows Server 2025, where a use-after-free (CWE-416) lets an already-authenticated local user corrupt memory to elevate to higher privileges (typically SYSTEM). Microsoft has released a patch and rates it 7.8 (High). There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50474 HIGH PATCH NEWS This Week

Remote code execution in Microsoft's Remote Desktop Client (the RDP client, mstsc.exe, shipped across Windows 10, Windows 11, and Windows Server 2012 through 2025) allows an unauthorized attacker to run arbitrary code over the network by triggering a use-after-free memory-corruption condition. Exploitation requires the victim to connect to an attacker-controlled or compromised RDP endpoint (UI:R), after which the malicious server can corrupt client-side memory to achieve full code execution. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV; a vendor patch is available from Microsoft.

Use After Free Memory Corruption Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-50432 MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Virtual Filtering Platform (VFP) allows an authorized attacker to deny service over a network.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +13
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2026-50457 HIGH PATCH This Week

Local privilege escalation in the Windows Runtime (WinRT) component of Windows 10, Windows 11, and Windows Server allows an authenticated attacker to run arbitrary code with elevated (SYSTEM-level) privileges by triggering a use-after-free memory-corruption condition (CWE-416). Microsoft has released a patch, but there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. The CVSS 3.1 score of 7.8 (High) with a fully local vector reflects meaningful post-compromise impact but requires the attacker to already have a foothold on the host.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50439 HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Microsoft Message Queuing (MSMQ) Queue Manager affects a broad range of Windows client and server releases, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. An unauthenticated network attacker who can reach the MSMQ service (TCP 1801) can trigger a use-after-free (CWE-416) in the Queue Manager to execute arbitrary code in the service context. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but the high CVSS (8.1), network attack vector, and lack of any authentication requirement make patched deployment urgent; exploitation is tempered by the High attack complexity (AC:H).

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2026-50466 HIGH PATCH This Week

Local privilege escalation in the Windows Brokering File System component affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a use-after-free memory corruption (CWE-416) lets an already-authenticated local user elevate to higher privileges. Microsoft rates it CVSS 7.8 with full confidentiality, integrity, and availability impact, and has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50374 MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges with a physical attack.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2026-50427 HIGH PATCH This Week

Local privilege escalation in the Microsoft Windows Content Delivery Manager component lets an authenticated low-privileged user elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition. The flaw affects a broad range of client and server builds (Windows 10 1809 through Windows 11 26H1, plus Server 2019 and Server 2025), and Microsoft has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Windows 10 Version 1809 Windows 10 Version 21H2 +8
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50413 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Runtime (WinRT) via a use-after-free memory corruption flaw enables a locally authenticated low-privilege attacker to elevate to SYSTEM-level access on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The CVSS scope change (S:C) confirms the exploit crosses a security boundary, yielding full confidentiality, integrity, and availability impact beyond the originating process. No public exploit identified at time of analysis; Microsoft has released a patch via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-50369 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Remote Desktop Services (RDS) lets an authenticated, low-privileged attacker elevate to higher privileges across a network by triggering a use-after-free (CWE-416) memory-corruption condition in the RDS component. The flaw spans a broad range of supported Windows client and server releases (Windows 10/11 and Windows Server 2012 through 2025). Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2026-50436 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Windows Kernel affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 (including Server Core), where an authorized attacker can exploit a use-after-free (CWE-416) memory-corruption condition to elevate privileges to SYSTEM. The flaw was reported by Microsoft, which has released a patch, and carries a CVSS 7.8 rating driven entirely by high confidentiality, integrity, and availability impact once local access is obtained. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2026-50397 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an already-authenticated attacker win a use-after-free race (CWE-416) to gain SYSTEM-level control, affecting a broad range of client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch and there is no public exploit identified at time of analysis. The moderate 7.0 score reflects high attack complexity (a timing-dependent race) offset by full confidentiality, integrity and availability impact once triggered.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50433 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Media (the Windows Media component/codec subsystem) allows an already-authenticated local attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of currently-supported Windows client and server releases, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2026-50449 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Runtime (WinRT) affects a broad range of supported Windows client and server releases, from Windows 10 1809 and Windows Server 2019 through Windows 11 26H1 and Windows Server 2025. An authorized local attacker who can execute low-privilege code can trigger a use-after-free (CWE-416) memory-corruption condition to elevate privileges, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50410 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Runtime (WinRT) affects a broad range of Windows client and server builds, from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. An authorized local attacker who can run low-privileged code can trigger a use-after-free memory-corruption condition to elevate to higher privileges, with high confidentiality, integrity, and availability impact implying a path to SYSTEM. No public exploit identified at time of analysis, and the flaw is not on CISA KEV; a vendor patch is available.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50353 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows DirectX graphics kernel subsystem allows an authenticated attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition across Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The CVSS 3.1 vector (7.8, AV:L/PR:L) confirms local access and low existing privileges are required with no user interaction, yielding full confidentiality, integrity, and availability impact. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50358 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Media component affects a broad range of Microsoft Windows client and server editions (Windows 10 1607 through Windows 11 26H1, and Windows Server 2016 through 2025). A low-privileged authenticated attacker can abuse a use-after-free (CWE-416) memory corruption flaw to elevate to higher privileges, achieving full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the flaw is not on CISA KEV, but the high attack complexity (a likely race condition) is the main barrier to reliable exploitation.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +13
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2026-50366 MEDIUM PATCH This Month

Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network.

Denial Of Service Null Pointer Dereference Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2026-50340 HIGH PATCH This Week

Elevation of privilege in the Windows Runtime (WinRT) component of Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 allows an authenticated attacker to gain higher privileges by exploiting a use-after-free memory-corruption flaw over the network. Microsoft, who reported the issue, has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high CVSS (8.5) is driven by a scope change and full confidentiality/integrity/availability impact, though high attack complexity tempers real-world exploitability.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
8.5
EPSS
0.5%
CVE-2026-50312 MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2026-50324 MEDIUM PATCH Exploit Unlikely This Month

Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 R2 Windows Server 2012 R2 Server Core Installation +7
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2026-50315 HIGH PATCH This Week

Local privilege escalation in Windows Image Acquisition (WIA) affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a NULL pointer dereference can be leveraged by an already-authenticated local user to elevate privileges. Microsoft rates it 7.8 (High) with full confidentiality, integrity, and availability impact despite the flaw class typically causing denial of service. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Microsoft Denial Of Service Null Pointer Dereference Windows 11 Version 24H2 Windows 11 Version 25H2 +3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50425 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Internal System User Profile component allows an already-authenticated attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free memory corruption condition (CWE-416). The flaw affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2025 including Server Core. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 7.8 rating and full high impact on confidentiality, integrity, and availability make it a meaningful patch-cycle priority.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +6
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50396 HIGH PATCH This Week

Local privilege escalation in Windows Kernel-Mode Drivers on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 lets an authenticated local attacker corrupt kernel memory via a use-after-free and gain SYSTEM-level control. Rated CVSS 7.0 (Important) and reported by Microsoft itself; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high attack complexity (AC:H) reflects the race-condition nature typical of kernel UAF bugs, which tempers real-world exploitability despite full C/I/A impact.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50331 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Application Model (the subsystem underlying UWP/packaged app lifecycle and activation) lets an authorized attacker with an existing low-privileged foothold gain SYSTEM-level control by triggering a use-after-free memory-corruption condition. All supported Windows client and server builds from Windows 10 1607 through Windows 11 26H1 and Windows Server 2016 through Server 2025 are affected. This is a Microsoft-reported flaw with a vendor patch available; there is no public exploit identified at time of analysis and it is not on CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50326 HIGH PATCH This Week

Local privilege escalation in the Windows Unified Consent System (UCS) lets an already-authenticated attacker exploit a use-after-free memory-corruption flaw (CWE-416) to gain higher privileges, potentially up to SYSTEM. It affects a broad range of current Windows client and server builds including Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, and Windows Server 2025. Reported by Microsoft with a CVSS 3.1 base score of 7.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50307 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows TCP/IP stack allows an authenticated attacker to elevate to SYSTEM by exploiting a use-after-free (CWE-416) memory corruption flaw. Affected builds span Windows 10 (1809, 21H2, 22H2), Windows 11 (24H2, 25H2, 26H1), and Windows Server 2019/2022/2025 including Server Core. No public exploit identified at time of analysis; Microsoft has released a patch, and the CVSS 7.0 score reflects high attack complexity (likely a race condition) that raises the exploitation bar.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50393 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel-Mode Drivers lets an already-authenticated, low-privileged user corrupt kernel memory to gain SYSTEM-level control. Affected builds include Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, including Server Core. Microsoft has shipped a patch; there is no public exploit identified at time of analysis, and it is not on the CISA KEV list.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50306 HIGH PATCH Exploit Unlikely This Week

Local privilege elevation in the Microsoft Windows TCP/IP networking stack lets an already-authenticated, low-privileged user corrupt kernel memory via a use-after-free (CWE-416) and gain SYSTEM-level control. The flaw affects a broad range of client and server SKUs from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through Server 2025, including Server Core installations. Microsoft reported the issue and has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50392 HIGH PATCH NEWS Exploit Unlikely This Week

Local privilege escalation in Windows Secure Kernel Mode (VBS/Isolated User Mode trust boundary) affects Windows 11 24H2/25H2/26H1 and Windows Server 2025, where a use-after-free (CWE-416) lets an already-authenticated local attacker gain elevated privileges. Microsoft rates it 7.0 (High) with a local, high-complexity vector requiring low privileges and no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation would require winning a memory-corruption race after already having a foothold.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50329 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Windows Kernel allows an already-authenticated attacker to gain SYSTEM-level control by exploiting a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of supported Windows client and server releases (Windows 10 1809 through Windows 11 26H1, and Windows Server 2019 through 2025) and, per the CVSS 7.8 vector, yields full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2026-50305 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Brokering File System affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a use-after-free (CWE-416) memory-corruption flaw lets an already-authenticated local user execute code with elevated (typically SYSTEM) privileges. Microsoft has released a patch and reported the issue itself; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting a locally-exploitable but high-impact elevation path.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-50296 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Graphics Kernel component allows a low-privileged local user to elevate to SYSTEM by exploiting a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of Windows 10, Windows 11, and Windows Server releases, was reported by Microsoft, and has a vendor-released patch available. No public exploit is identified at time of analysis and it is not listed in CISA KEV; the high attack complexity (AC:H) makes reliable exploitation non-trivial.

Use After Free Memory Corruption Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50354 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated, low-privileged user corrupt kernel memory via a use-after-free (CWE-416) and gain higher privileges on the host. The flaw affects a broad range of currently-supported Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2016 through 2025); Microsoft has shipped a fix. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +13
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2026-50293 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows taskbar (Internal Task Bar component) allows an authenticated attacker to elevate to higher privileges by exploiting a use-after-free memory corruption flaw. The issue affects a broad range of current Windows client and server builds (Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, and Windows Server 2025), was reported by Microsoft itself, and is fixed via a vendor patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 21H2 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-50323 HIGH PATCH This Week

Local privilege escalation in Windows Runtime (WinRT) on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 allows an authenticated local user to gain higher privileges by exploiting a use-after-free memory-corruption flaw (CWE-416). Successful exploitation yields high confidentiality, integrity, and availability impact, effectively enabling escalation to SYSTEM-level control on the host. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; the elevated attack complexity (AC:H) indicates exploitation requires winning a race or meeting specific timing/heap conditions.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-49799 MEDIUM PATCH Exploit Unlikely This Month

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

Microsoft Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2026-49798 CRITICAL POC PATCH Exploit Likely Act Now

Local privilege escalation in the Microsoft Windows Kernel allows an unauthorized attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free condition (CWE-416) in kernel memory. The flaw affects a broad range of supported Windows client and server releases, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
9.3
EPSS
2.2%
CVE-2026-49795 HIGH POC PATCH Exploit Likely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated attacker corrupt kernel memory via a use-after-free (CWE-416) and gain full control of the host. The CVSS 3.1 vector (AV:L/PR:L, scope-changed with C:H/I:H/A:H) reflects a low-privileged local user escalating to SYSTEM-level compromise across a broad range of Windows 10, Windows 11, and Windows Server builds. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2026-49788 HIGH PATCH Exploit Unlikely This Week

Denial of service in the Windows HTTP/2 network stack allows a remote, unauthenticated attacker to exhaust server resources and render affected services unavailable across a broad range of Windows client and server releases (Windows 10/11 and Windows Server 2016 through 2025). Reported by Microsoft with a vendor patch available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The 7.5 CVSS reflects high availability impact with no confidentiality or integrity loss.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +10
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-49787 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Windows HTTP.sys allows remote unauthenticated attackers to exhaust system resources and make affected hosts unresponsive over the network. The flaw stems from missing resource limits/throttling (CWE-770) in the kernel-mode HTTP protocol stack, affecting a broad range of Windows client and server releases from Windows 10 1607 through Windows 11 26H1 and Windows Server 2016 through 2025. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; a vendor patch is available via MSRC.

Microsoft Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +11
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-45646 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft's OData libraries for ASP.NET/ASP.NET Core (Microsoft.AspNet.OData and Microsoft.AspNetCore.OData) allows a remote, unauthenticated attacker to exhaust server resources over the network, degrading or crashing the hosting web application (CVSS 7.5, availability-only impact). The flaw stems from resource allocation without limits or throttling (CWE-770), so a crafted request stream forces excessive consumption of CPU, memory, or connections. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Aspnet Odata Aspnetcore Odata
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-50653 HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Azure Active Directory (Entra ID) allows a remote unauthenticated attacker to send network traffic that drives affected processing into an infinite loop (CWE-835), exhausting resources and disrupting availability of the identity service. The flaw carries CVSS 7.5 with a high-availability impact, no confidentiality or integrity effect, and no public exploit identified at time of analysis. Microsoft has released a fix, which for this cloud-hosted service is applied server-side by the vendor.

Microsoft Denial Of Service Azure Active Directory
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-58602 HIGH PATCH This Week

Local privilege escalation in the Windows Kernel Mode Driver affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a use-after-free (CWE-416) lets an already-authenticated local attacker corrupt kernel memory and elevate to SYSTEM. Reported by Microsoft with a patch already available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 7.8 (AV:L/PR:L) reflects a high-impact but locally-scoped flaw requiring an existing foothold on the host.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-58526 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows arises from a use-after-free flaw (CWE-416) in the Windows Storage component, affecting Windows 10 (1809, 21H2, 22H2), Windows 11 (24H2, 25H2, 26H1), and Windows Server 2019/2022/2025. An authorized attacker who already has low-level access to a machine can trigger the freed-memory reuse to elevate to higher privileges (CVSS 7.0, high attack complexity). Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-57976 MEDIUM PATCH Exploit Unlikely This Month

Null pointer dereference in Windows Active Directory Domain Services (AD DS) enables a low-privileged authenticated attacker to crash the service remotely, causing denial of service across the affected domain. The flaw spans a wide range of Windows client and server releases, from Windows 10 version 1607 through Windows 11 version 26H1 and Windows Server 2012 through 2025. No public exploit code has been identified and this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog at time of analysis, though the network-accessible attack surface and low privilege requirement lower the bar for abuse in environments with broad domain user access.

Denial Of Service Null Pointer Dereference Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2026-54127 HIGH PATCH NEWS Exploit Unlikely This Week

Local privilege escalation in the Windows Hyper-V virtualization stack lets an attacker running code on an affected host trigger a use-after-free to gain higher privileges. The flaw affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2022/2025, was reported by Microsoft, and has a vendor patch available. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the modeled full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H) makes it a meaningful patch-cycle priority.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +5
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2026-50694 HIGH PATCH NEWS This Week

Remote code execution in the Windows Secure Socket Tunneling Protocol (SSTP) component lets an unauthenticated network attacker run arbitrary code by triggering a use-after-free (CWE-416) memory-corruption condition. The flaw spans a broad range of Windows client and server builds, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. No public exploit is identified at time of analysis and it is not listed in CISA KEV, but the network attack vector combined with full high impact to confidentiality, integrity and availability makes it a meaningful patch priority.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2026-56170 HIGH PATCH Exploit Unlikely This Week

Denial of service in ASP.NET Core (the web framework shipped with .NET 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker exhaust server resources by triggering unbounded allocations over the network. Because affected requests are not throttled or capped, a single crafted request stream can degrade availability of the hosting process without any authentication or user interaction. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and no CISA KEV listing.

Denial Of Service Net 10 0 Net 8 0 Net 9 0
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-55948 HIGH PATCH This Week

Local code execution in Microsoft Excel (2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) arises from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Exploitation runs code in the context of the current user and requires user interaction (opening the file), with no public exploit identified at time of analysis. This is a locally-exploited, phishing-delivered class of bug typical of Office file-format handlers, patched by Microsoft via MSRC.

Use After Free Memory Corruption Denial Of Service Microsoft Microsoft 365 Apps For Enterprise +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2026-54995 HIGH PATCH NEWS This Week

Remote code execution in the Windows Reliable Multicast Transport Driver (RMCAST) lets an unauthenticated network attacker trigger a use-after-free (CWE-416) and run arbitrary code on a broad range of Windows 10, Windows 11, and Windows Server systems (Server 2012 through Server 2025). Rated CVSS 8.1, the flaw carries high impact to confidentiality, integrity, and availability but requires winning a race condition (AC:H), and no public exploit identified at time of analysis. Reported by Microsoft with a vendor patch available.

Use After Free Memory Corruption Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2026-54119 HIGH PATCH This Week

Denial of service in Windows Active Directory (spanning Windows 10, Windows 11, and Windows Server 2012 through 2025) lets a remote, unauthenticated attacker send crafted network traffic that drives an AD service into an infinite loop, exhausting CPU and rendering domain services unavailable. Because the CVSS vector is AV:N/AC:L/PR:N/UI:N with high availability impact and no confidentiality or integrity loss, this is a pure availability threat against domain controllers. Microsoft has released a patch; there is no public exploit identified at time of analysis and no CISA KEV listing.

Microsoft Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 Windows 10 Version 21H2 +15
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-54114 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Win32K (the kernel-mode GUI subsystem) allows an authenticated local user to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of supported builds spanning Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025, including Server Core installations. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2026-55000 MEDIUM PATCH Exploit Unlikely This Month

Privilege escalation via use-after-free in the Windows USB Print Driver affects Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025, requiring physical access to exploit. An attacker with hands-on access to a target machine can trigger a memory corruption condition through the USB print subsystem to achieve full local privilege escalation - High confidentiality, integrity, and availability impact per CVSS. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 24H2 +4
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2026-54989 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Quality Windows Audio/Video Experience (QWAVE) service lets an already-authenticated, low-privileged user elevate to higher privileges by exploiting a use-after-free (CWE-416) memory-corruption condition. The flaw spans a broad range of builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis, and the CVSS 3.1 base score is 7.0 (AV:L/AC:H/PR:L).

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +17
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-54129 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Hyper-V (CWE-416 use-after-free) allows an authenticated attacker already running low-privileged code on an affected host to elevate to higher privileges, with full confidentiality, integrity, and availability impact. Reported by Microsoft and affecting a broad range of Windows 10, Windows 11, and Windows Server builds including Server 2019/2022/2025. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2026-50506 HIGH PATCH Exploit Unlikely This Week

Uncontrolled resource allocation in Microsoft's ASP.NET Core OData libraries (Microsoft.AspNetCore.OData and Microsoft.AspNet.OData) lets a remote, unauthenticated attacker exhaust server resources and cause a denial of service over the network. Any web application or API exposing OData query endpoints built on the affected packages is at risk, and the CVSS 7.5 rating reflects a high-availability impact with no confidentiality or integrity compromise. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Denial Of Service Aspnet Odata Aspnetcore Odata
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2026-49173 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel (Windows 11 version 26H1) lets an already-authenticated low-privileged user corrupt kernel memory through a use-after-free condition and gain SYSTEM-level control. Microsoft self-reported the flaw and has shipped a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 7.8 (High) score reflects full confidentiality, integrity, and availability compromise achievable entirely from a local, low-privilege foothold with no user interaction.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 11 Version 26H1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-49171 HIGH PATCH Exploit Unlikely This Week

Local privilege elevation in the Windows Speech component (Text-to-Speech / speech runtime) affects a broad range of Windows 10, Windows 11, and Windows Server releases, where a use-after-free (CWE-416) lets an already-authenticated local user corrupt memory to run code at higher privilege. Exploitation is non-trivial - it requires local access, low-level authentication, user interaction, and winning a memory-timing condition - and the CVSS 7.5 rating reflects a scope-changed, high-impact outcome. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, so this is a patch-on-cycle EoP rather than an emergency.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1607 +13
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-49169 HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Windows Server 2025 DNS Server role allows a privileged, authenticated attacker to run arbitrary code over the network by triggering a use-after-free (CWE-416) memory-corruption condition. The flaw carries a CVSS 8.0 rating with a changed scope, meaning successful exploitation can affect resources beyond the vulnerable component. Microsoft has issued a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service Windows Server 2025 Windows Server 2025 Server Core Installation
NVD
CVSS 3.1
8.0
EPSS
0.5%
CVE-2026-49167 MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service Microsoft Windows 10 Version 1809 +10
NVD
CVSS 3.1
4.7
EPSS
0.3%
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft XML Core Services (MSXML) lets a low-privileged, authorized attacker on a Windows host reclaim a freed object (use-after-free, CWE-416) to run code at elevated privilege. It affects a broad Windows footprint spanning Windows 10 1607 and Server 2012 through Windows 11 26H1 and Server 2025, including Server Core installations. Microsoft reported the flaw, a patch is available, and there is no public exploit identified at time of analysis; CISA SSVC currently rates exploitation as none.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Arbitrary code execution in Microsoft Office Excel arises from a use-after-free (CWE-416) memory-corruption flaw affecting Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, Office for Mac, and Office Online Server. The CVSS 3.1 vector (AV:L/UI:R) makes this a user-interaction-dependent, locally-scoped issue: a victim must open a maliciously crafted Excel workbook, after which the attacker gains code execution in the user's security context. No public exploit is identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in Microsoft Office Word (CWE-416 use-after-free) allows an unauthorized attacker to run arbitrary code in the context of the current user when a victim opens a maliciously crafted document. The flaw affects a broad Office footprint including Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024 (Windows and Mac), and related SharePoint Server products that process Word documents. Microsoft has released a patch; no public exploit has been identified at time of analysis, and neither KEV nor EPSS/POC signals were provided in the input.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word (across Microsoft 365 Apps, Office 2019/LTSC 2021/2024, Office for Mac, and Word 2016) allows an attacker to run arbitrary code by exploiting a use-after-free memory corruption flaw when a victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 with a local attack vector requiring user interaction; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. Microsoft, which reported the issue itself, has released a patch.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office for Mac) stems from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted document. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, exploitation requires user interaction but no prior authentication, letting an attacker run arbitrary code in the context of the current user. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix, so patching should be prioritized during the normal Patch Tuesday cycle.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and Office for Mac 2021/2024) arises from a use-after-free memory corruption flaw that an attacker triggers by convincing a user to open a maliciously crafted Office document. Successful exploitation runs arbitrary code in the context of the current user, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV; Microsoft has published a patch via MSRC.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (2016, 2019, LTSC 2021/2024, Microsoft 365 Apps, and the macOS editions) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an attacker run arbitrary code in the context of the current user after the victim opens a maliciously crafted document. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:N/UI:R) with high impact to confidentiality, integrity, and availability, and requires user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch is available via MSRC.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Excel (across Microsoft 365 Apps for Enterprise, Office 2019, Office LTSC 2021/2024, and their macOS equivalents) arises from a use-after-free (CWE-416) memory-corruption flaw triggered when a user opens a maliciously crafted spreadsheet. The CVSS vector (AV:L/AC:L/PR:N/UI:R) indicates an unauthenticated attacker can achieve full confidentiality, integrity, and availability impact but requires the victim to open a file, making it a classic phishing-delivered client-side bug. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Excel memory-corruption bugs are historically attractive targets.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office (including Microsoft 365 Apps for Enterprise, Office 2016/2019, and Office LTSC 2021/2024) stems from a use-after-free memory-corruption flaw (CWE-416). An attacker who convinces a user to open a specially crafted Office document can execute arbitrary code in the context of the current user, gaining full confidentiality, integrity, and availability impact. Exploitation requires user interaction (opening a malicious file) and there is no public exploit identified at time of analysis.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 8.4
HIGH POC PATCH Exploit Likely This Week

Local code execution in the Windows DHCP Client service stems from a use-after-free (CWE-416) memory-corruption flaw affecting a broad range of Windows 10, Windows 11, and Windows Server releases (Server 2012 through Server 2025). Per the CVSS vector an unauthenticated attacker with local access can achieve high-impact code execution with no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch through the MSRC update guide.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Clipboard Server (Cliprdr/RDP clipboard virtual channel service) affects a broad range of Windows 10, Windows 11, and Windows Server builds (from 1809 through 11 26H1 and Server 2025). An authenticated local attacker who can trigger a use-after-free (CWE-416) in the service can corrupt memory to run code at elevated (SYSTEM-level) privilege. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated, low-privileged attacker on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 corrupt kernel memory via a use-after-free and gain SYSTEM-level control. The CVSS 3.1 score of 8.8 is elevated by a scope change (S:C), reflecting that kernel compromise crosses the boundary from user context to the OS itself. Microsoft has released a patch; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Windows Kernel allows an authenticated attacker to gain SYSTEM-level control by exploiting a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of Windows client and server builds - from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through Server 2025 - and was reported by Microsoft with a patch available. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; the CVSS 3.1 base score is 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Media (a component shipping in Windows 11 versions 24H2, 25H2, and 26H1) lets an authenticated local attacker execute code at elevated privilege by triggering a use-after-free (CWE-416) memory-corruption condition. Reported by Microsoft with a vendor patch available, it carries CVSS 7.8 (High) and can yield full confidentiality, integrity, and availability compromise of the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +4
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft's Windows USB Print Driver stems from a use-after-free (CWE-416) memory corruption flaw affecting Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. A low-privileged authenticated attacker who can execute code on the host and win a memory-timing race can corrupt kernel memory to gain higher (SYSTEM-level) privileges. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation is not currently observed in the wild.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an authenticated attacker gain elevated (SYSTEM-level) privileges by triggering a NULL pointer dereference (CWE-476) in kernel-mode code. The flaw affects a broad range of client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Reported by Microsoft with a patch available; no public exploit identified at time of analysis.

Microsoft Denial Of Service Null Pointer Dereference +18
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows NTFS (New Technology File System) driver lets an already-authenticated low-privileged user corrupt kernel memory via a use-after-free (CWE-416) and elevate to SYSTEM. The flaw affects a broad Windows client and server matrix (Windows 10 1809 through Windows 11 26H1, Windows Server 2019/2022/2025). It has no public exploit identified at time of analysis and is not on CISA KEV, but as a Microsoft-reported, patched NTFS kernel bug it is a routine patch-priority item on standard Patch Tuesday cycles.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 1% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Privilege escalation in the Windows Remote Access Connection Manager (RasMan) service lets an authenticated, low-privileged attacker corrupt memory over the network to gain higher privileges on affected Windows 10, 11, and Server systems. The flaw is a CWE-416 use-after-free carrying a CVSS 8.8 with high impact to confidentiality, integrity, and availability. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +17
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Active Directory Federation Services (AD FS) allows an unauthenticated, remote attacker to send crafted network requests that drive a request-handling routine into an infinite loop (CWE-835), exhausting CPU and rendering the federation service unavailable. All supported Windows Server releases hosting the AD FS role are impacted, and because the flaw requires no authentication and no user interaction (CVSS 7.5, AV:N/AC:L/PR:N/UI:N), it can knock out single sign-on for every relying-party application. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so this is a patch-priority availability issue rather than a confirmed active-exploitation event.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
EPSS 0% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Microsoft Windows Message Queuing (MSMQ) service arises from a use-after-free (CWE-416) memory-corruption flaw that an authenticated attacker can trigger across a network to run arbitrary code in the service context. It affects a broad range of supported Windows client and server releases from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025 wherever the MSMQ component is enabled. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft rates it CVSS 7.5 and has released a fix.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Installer (msiexec) service across Windows 10, Windows 11, and Windows Server 2012 through 2025 allows an already-authenticated local user to gain higher privileges by triggering a use-after-free memory-corruption condition. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has published a patch. The high CVSS complexity (AC:H) indicates exploitation requires winning a race or meeting specific timing/heap conditions rather than being trivially reliable.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Privilege escalation in the Windows Netlogon service allows an already-authenticated, low-privileged network attacker to elevate to higher privileges by exploiting a use-after-free (CWE-416) memory-corruption condition. The flaw affects a broad range of Windows client and server releases from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025, including Server Core installations. Reported by Microsoft with a vendor patch available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 1% CVSS 8.1
HIGH PATCH Exploit Unlikely This Week

Network-based privilege elevation in Microsoft Windows DNS (Windows 11 24H2/25H2/26H1 and Windows Server 2025) stems from a use-after-free memory corruption condition that an unauthenticated remote attacker can exploit to gain elevated privileges with full confidentiality, integrity, and availability impact. The flaw requires no prior authentication or user interaction (PR:N/UI:N) but carries high attack complexity (AC:H), meaning reliable exploitation depends on winning a race or satisfying a specific memory-state timing window. Microsoft self-reported the issue and has shipped a patch; no public exploit identified at time of analysis and it is not currently listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Elevation of privilege in the Windows Runtime (WinRT) component affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2025, where a use-after-free memory-corruption flaw lets an already-authenticated local user run code at higher privilege. Microsoft has released a patch and reported the issue; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV. Given the CVSS 7.8 (Important) rating and full C/I/A impact, this is a standard local privilege-escalation risk suited for regular patch prioritization rather than emergency response.

Use After Free Memory Corruption Denial Of Service +8
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Graphics Kernel component allows an authenticated attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition. All currently supported Windows client and server builds are affected - from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. No public exploit identified at time of analysis; Microsoft has released a patch, and the CVSS 7.8 (Important) rating reflects high impact but a local-access, low-privilege prerequisite.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an authenticated attacker who already has low-privileged code execution on a host elevate to SYSTEM by exploiting a use-after-free (CWE-416) memory corruption. It affects a broad range of supported Windows client and server builds - Windows 10 (1809/21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2019/2022/2025 - and Microsoft has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation appears unproven publicly despite the reliably-exploitable nature of kernel UAF flaws.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel arises from a use-after-free (CWE-416) memory-corruption flaw that lets an attacker running code on the machine gain higher privileges, potentially SYSTEM. It affects a broad range of current Windows client and server builds (Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, Windows Server 2022/2025). No public exploit identified at time of analysis, but the local attack surface and full CIA impact make it a standard Patch-Tuesday-class kernel EoP worth prompt patching.

Use After Free Memory Corruption Denial Of Service +9
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Backup Engine affects Windows 10 (21H2, 22H2) and Windows 11 (24H2, 25H2, 26H1), where a use-after-free (CWE-416) memory-corruption flaw lets an already-authorized local user with low privileges elevate to higher rights. No public exploit identified at time of analysis, and it is not listed in CISA KEV; Microsoft rates it 7.0 (High), reflecting meaningful impact tempered by high attack complexity. Successful exploitation grants full confidentiality, integrity, and availability impact on the affected host.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 1% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows (Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through 2025) arises from a use-after-free memory-corruption flaw (CWE-416) that lets an already-authenticated local user run code at elevated privilege. The CVSS 3.1 base score is 7.8 with a scope-changed vector, and Microsoft has shipped a fix via MSRC. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, so exploitation is currently theoretical rather than observed.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Brokering File System affects Windows 11 24H2/25H2/26H1 and Windows Server 2025, where a use-after-free (CWE-416) lets an already-authenticated local user corrupt memory to elevate to higher privileges (typically SYSTEM). Microsoft has released a patch and rates it 7.8 (High). There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Microsoft's Remote Desktop Client (the RDP client, mstsc.exe, shipped across Windows 10, Windows 11, and Windows Server 2012 through 2025) allows an unauthorized attacker to run arbitrary code over the network by triggering a use-after-free memory-corruption condition. Exploitation requires the victim to connect to an attacker-controlled or compromised RDP endpoint (UI:R), after which the malicious server can corrupt client-side memory to achieve full code execution. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV; a vendor patch is available from Microsoft.

Use After Free Memory Corruption Denial Of Service +18
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Virtual Filtering Platform (VFP) allows an authorized attacker to deny service over a network.

Use After Free Memory Corruption Denial Of Service +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Windows Runtime (WinRT) component of Windows 10, Windows 11, and Windows Server allows an authenticated attacker to run arbitrary code with elevated (SYSTEM-level) privileges by triggering a use-after-free memory-corruption condition (CWE-416). Microsoft has released a patch, but there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. The CVSS 3.1 score of 7.8 (High) with a fully local vector reflects meaningful post-compromise impact but requires the attacker to already have a foothold on the host.

Use After Free Memory Corruption Denial Of Service +11
NVD
EPSS 1% CVSS 8.1
HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Microsoft Message Queuing (MSMQ) Queue Manager affects a broad range of Windows client and server releases, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. An unauthenticated network attacker who can reach the MSMQ service (TCP 1801) can trigger a use-after-free (CWE-416) in the Queue Manager to execute arbitrary code in the service context. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but the high CVSS (8.1), network attack vector, and lack of any authentication requirement make patched deployment urgent; exploitation is tempered by the High attack complexity (AC:H).

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Windows Brokering File System component affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a use-after-free memory corruption (CWE-416) lets an already-authenticated local user elevate to higher privileges. Microsoft rates it CVSS 7.8 with full confidentiality, integrity, and availability impact, and has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges with a physical attack.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Microsoft Windows Content Delivery Manager component lets an authenticated low-privileged user elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition. The flaw affects a broad range of client and server builds (Windows 10 1809 through Windows 11 26H1, plus Server 2019 and Server 2025), and Microsoft has released a patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +10
NVD
EPSS 0% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Runtime (WinRT) via a use-after-free memory corruption flaw enables a locally authenticated low-privilege attacker to elevate to SYSTEM-level access on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The CVSS scope change (S:C) confirms the exploit crosses a security boundary, yielding full confidentiality, integrity, and availability impact beyond the originating process. No public exploit identified at time of analysis; Microsoft has released a patch via MSRC.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 1% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Remote Desktop Services (RDS) lets an authenticated, low-privileged attacker elevate to higher privileges across a network by triggering a use-after-free (CWE-416) memory-corruption condition in the RDS component. The flaw spans a broad range of supported Windows client and server releases (Windows 10/11 and Windows Server 2012 through 2025). Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 2% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Windows Kernel affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 (including Server Core), where an authorized attacker can exploit a use-after-free (CWE-416) memory-corruption condition to elevate privileges to SYSTEM. The flaw was reported by Microsoft, which has released a patch, and carries a CVSS 7.8 rating driven entirely by high confidentiality, integrity, and availability impact once local access is obtained. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel lets an already-authenticated attacker win a use-after-free race (CWE-416) to gain SYSTEM-level control, affecting a broad range of client and server builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch and there is no public exploit identified at time of analysis. The moderate 7.0 score reflects high attack complexity (a timing-dependent race) offset by full confidentiality, integrity and availability impact once triggered.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 2% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Media (the Windows Media component/codec subsystem) allows an already-authenticated local attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of currently-supported Windows client and server releases, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Runtime (WinRT) affects a broad range of supported Windows client and server releases, from Windows 10 1809 and Windows Server 2019 through Windows 11 26H1 and Windows Server 2025. An authorized local attacker who can execute low-privilege code can trigger a use-after-free (CWE-416) memory-corruption condition to elevate privileges, yielding full confidentiality, integrity, and availability impact on the host. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Runtime (WinRT) affects a broad range of Windows client and server builds, from Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025. An authorized local attacker who can run low-privileged code can trigger a use-after-free memory-corruption condition to elevate to higher privileges, with high confidentiality, integrity, and availability impact implying a path to SYSTEM. No public exploit identified at time of analysis, and the flaw is not on CISA KEV; a vendor patch is available.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows DirectX graphics kernel subsystem allows an authenticated attacker to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory-corruption condition across Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The CVSS 3.1 vector (7.8, AV:L/PR:L) confirms local access and low existing privileges are required with no user interaction, yielding full confidentiality, integrity, and availability impact. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Media component affects a broad range of Microsoft Windows client and server editions (Windows 10 1607 through Windows 11 26H1, and Windows Server 2016 through 2025). A low-privileged authenticated attacker can abuse a use-after-free (CWE-416) memory corruption flaw to elevate to higher privileges, achieving full confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the flaw is not on CISA KEV, but the high attack complexity (a likely race condition) is the main barrier to reliable exploitation.

Use After Free Memory Corruption Denial Of Service +15
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network.

Denial Of Service Null Pointer Dereference Windows 10 Version 1607 +17
NVD
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Elevation of privilege in the Windows Runtime (WinRT) component of Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 allows an authenticated attacker to gain higher privileges by exploiting a use-after-free memory-corruption flaw over the network. Microsoft, who reported the issue, has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high CVSS (8.5) is driven by a scope change and full confidentiality/integrity/availability impact, though high attack complexity tempers real-world exploitability.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH Exploit Unlikely This Month

Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Windows Image Acquisition (WIA) affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a NULL pointer dereference can be leveraged by an already-authenticated local user to elevate privileges. Microsoft rates it 7.8 (High) with full confidentiality, integrity, and availability impact despite the flaw class typically causing denial of service. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Microsoft Denial Of Service Null Pointer Dereference +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Internal System User Profile component allows an already-authenticated attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free memory corruption condition (CWE-416). The flaw affects Windows 10 (21H2/22H2), Windows 11 (24H2/25H2/26H1), and Windows Server 2025 including Server Core. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CVSS 7.8 rating and full high impact on confidentiality, integrity, and availability make it a meaningful patch-cycle priority.

Use After Free Memory Corruption Denial Of Service +8
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Windows Kernel-Mode Drivers on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 lets an authenticated local attacker corrupt kernel memory via a use-after-free and gain SYSTEM-level control. Rated CVSS 7.0 (Important) and reported by Microsoft itself; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high attack complexity (AC:H) reflects the race-condition nature typical of kernel UAF bugs, which tempers real-world exploitability despite full C/I/A impact.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Application Model (the subsystem underlying UWP/packaged app lifecycle and activation) lets an authorized attacker with an existing low-privileged foothold gain SYSTEM-level control by triggering a use-after-free memory-corruption condition. All supported Windows client and server builds from Windows 10 1607 through Windows 11 26H1 and Windows Server 2016 through Server 2025 are affected. This is a Microsoft-reported flaw with a vendor patch available; there is no public exploit identified at time of analysis and it is not on CISA KEV.

Use After Free Memory Corruption Denial Of Service +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Windows Unified Consent System (UCS) lets an already-authenticated attacker exploit a use-after-free memory-corruption flaw (CWE-416) to gain higher privileges, potentially up to SYSTEM. It affects a broad range of current Windows client and server builds including Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, and Windows Server 2025. Reported by Microsoft with a CVSS 3.1 base score of 7.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +8
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Microsoft Windows TCP/IP stack allows an authenticated attacker to elevate to SYSTEM by exploiting a use-after-free (CWE-416) memory corruption flaw. Affected builds span Windows 10 (1809, 21H2, 22H2), Windows 11 (24H2, 25H2, 26H1), and Windows Server 2019/2022/2025 including Server Core. No public exploit identified at time of analysis; Microsoft has released a patch, and the CVSS 7.0 score reflects high attack complexity (likely a race condition) that raises the exploitation bar.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel-Mode Drivers lets an already-authenticated, low-privileged user corrupt kernel memory to gain SYSTEM-level control. Affected builds include Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, including Server Core. Microsoft has shipped a patch; there is no public exploit identified at time of analysis, and it is not on the CISA KEV list.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege elevation in the Microsoft Windows TCP/IP networking stack lets an already-authenticated, low-privileged user corrupt kernel memory via a use-after-free (CWE-416) and gain SYSTEM-level control. The flaw affects a broad range of client and server SKUs from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through Server 2025, including Server Core installations. Microsoft reported the issue and has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Secure Kernel Mode (VBS/Isolated User Mode trust boundary) affects Windows 11 24H2/25H2/26H1 and Windows Server 2025, where a use-after-free (CWE-416) lets an already-authenticated local attacker gain elevated privileges. Microsoft rates it 7.0 (High) with a local, high-complexity vector requiring low privileges and no user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, so exploitation would require winning a memory-corruption race after already having a foothold.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 2% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Windows Kernel allows an already-authenticated attacker to gain SYSTEM-level control by exploiting a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of supported Windows client and server releases (Windows 10 1809 through Windows 11 26H1, and Windows Server 2019 through 2025) and, per the CVSS 7.8 vector, yields full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Brokering File System affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a use-after-free (CWE-416) memory-corruption flaw lets an already-authenticated local user execute code with elevated (typically SYSTEM) privileges. Microsoft has released a patch and reported the issue itself; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 3.1 base score is 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting a locally-exploitable but high-impact elevation path.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Graphics Kernel component allows a low-privileged local user to elevate to SYSTEM by exploiting a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of Windows 10, Windows 11, and Windows Server releases, was reported by Microsoft, and has a vendor-released patch available. No public exploit is identified at time of analysis and it is not listed in CISA KEV; the high attack complexity (AC:H) makes reliable exploitation non-trivial.

Use After Free Memory Corruption Denial Of Service +14
NVD
EPSS 0% CVSS 7.1
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated, low-privileged user corrupt kernel memory via a use-after-free (CWE-416) and gain higher privileges on the host. The flaw affects a broad range of currently-supported Windows client and server releases (Windows 10 1607 through Windows 11 26H1, and Windows Server 2016 through 2025); Microsoft has shipped a fix. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows taskbar (Internal Task Bar component) allows an authenticated attacker to elevate to higher privileges by exploiting a use-after-free memory corruption flaw. The issue affects a broad range of current Windows client and server builds (Windows 10 21H2/22H2, Windows 11 24H2/25H2/26H1, and Windows Server 2025), was reported by Microsoft itself, and is fixed via a vendor patch. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +8
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Windows Runtime (WinRT) on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025 allows an authenticated local user to gain higher privileges by exploiting a use-after-free memory-corruption flaw (CWE-416). Successful exploitation yields high confidentiality, integrity, and availability impact, effectively enabling escalation to SYSTEM-level control on the host. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; the elevated attack complexity (AC:H) indicates exploitation requires winning a race or meeting specific timing/heap conditions.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH Exploit Unlikely This Month

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

Microsoft Denial Of Service Windows 10 Version 1607 +17
NVD
EPSS 2% CVSS 9.3
CRITICAL POC PATCH Exploit Likely Act Now

Local privilege escalation in the Microsoft Windows Kernel allows an unauthorized attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free condition (CWE-416) in kernel memory. The flaw affects a broad range of supported Windows client and server releases, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 2% CVSS 8.8
HIGH POC PATCH Exploit Likely This Week

Local privilege escalation in the Windows Kernel lets an already-authenticated attacker corrupt kernel memory via a use-after-free (CWE-416) and gain full control of the host. The CVSS 3.1 vector (AV:L/PR:L, scope-changed with C:H/I:H/A:H) reflects a low-privileged local user escalating to SYSTEM-level compromise across a broad range of Windows 10, Windows 11, and Windows Server builds. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a patch.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in the Windows HTTP/2 network stack allows a remote, unauthenticated attacker to exhaust server resources and render affected services unavailable across a broad range of Windows client and server releases (Windows 10/11 and Windows Server 2016 through 2025). Reported by Microsoft with a vendor patch available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The 7.5 CVSS reflects high availability impact with no confidentiality or integrity loss.

Denial Of Service Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Windows HTTP.sys allows remote unauthenticated attackers to exhaust system resources and make affected hosts unresponsive over the network. The flaw stems from missing resource limits/throttling (CWE-770) in the kernel-mode HTTP protocol stack, affecting a broad range of Windows client and server releases from Windows 10 1607 through Windows 11 26H1 and Windows Server 2016 through 2025. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; a vendor patch is available via MSRC.

Microsoft Denial Of Service Windows 10 Version 1607 +13
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft's OData libraries for ASP.NET/ASP.NET Core (Microsoft.AspNet.OData and Microsoft.AspNetCore.OData) allows a remote, unauthenticated attacker to exhaust server resources over the network, degrading or crashing the hosting web application (CVSS 7.5, availability-only impact). The flaw stems from resource allocation without limits or throttling (CWE-770), so a crafted request stream forces excessive consumption of CPU, memory, or connections. Microsoft has released a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Aspnet Odata Aspnetcore Odata
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in Microsoft Azure Active Directory (Entra ID) allows a remote unauthenticated attacker to send network traffic that drives affected processing into an infinite loop (CWE-835), exhausting resources and disrupting availability of the identity service. The flaw carries CVSS 7.5 with a high-availability impact, no confidentiality or integrity effect, and no public exploit identified at time of analysis. Microsoft has released a fix, which for this cloud-hosted service is applied server-side by the vendor.

Microsoft Denial Of Service Azure Active Directory
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Windows Kernel Mode Driver affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, where a use-after-free (CWE-416) lets an already-authenticated local attacker corrupt kernel memory and elevate to SYSTEM. Reported by Microsoft with a patch already available; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 7.8 (AV:L/PR:L) reflects a high-impact but locally-scoped flaw requiring an existing foothold on the host.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows arises from a use-after-free flaw (CWE-416) in the Windows Storage component, affecting Windows 10 (1809, 21H2, 22H2), Windows 11 (24H2, 25H2, 26H1), and Windows Server 2019/2022/2025. An authorized attacker who already has low-level access to a machine can trigger the freed-memory reuse to elevate to higher privileges (CVSS 7.0, high attack complexity). Microsoft has released a patch; there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH Exploit Unlikely This Month

Null pointer dereference in Windows Active Directory Domain Services (AD DS) enables a low-privileged authenticated attacker to crash the service remotely, causing denial of service across the affected domain. The flaw spans a wide range of Windows client and server releases, from Windows 10 version 1607 through Windows 11 version 26H1 and Windows Server 2012 through 2025. No public exploit code has been identified and this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog at time of analysis, though the network-accessible attack surface and low privilege requirement lower the bar for abuse in environments with broad domain user access.

Denial Of Service Null Pointer Dereference Windows 10 Version 1607 +17
NVD
EPSS 0% CVSS 7.4
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Hyper-V virtualization stack lets an attacker running code on an affected host trigger a use-after-free to gain higher privileges. The flaw affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2022/2025, was reported by Microsoft, and has a vendor patch available. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the modeled full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H) makes it a meaningful patch-cycle priority.

Use After Free Memory Corruption Denial Of Service +7
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Remote code execution in the Windows Secure Socket Tunneling Protocol (SSTP) component lets an unauthenticated network attacker run arbitrary code by triggering a use-after-free (CWE-416) memory-corruption condition. The flaw spans a broad range of Windows client and server builds, from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. No public exploit is identified at time of analysis and it is not listed in CISA KEV, but the network attack vector combined with full high impact to confidentiality, integrity and availability makes it a meaningful patch priority.

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in ASP.NET Core (the web framework shipped with .NET 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker exhaust server resources by triggering unbounded allocations over the network. Because affected requests are not throttled or capped, a single crafted request stream can degrade availability of the hosting process without any authentication or user interaction. Reported by Microsoft with a vendor patch available; no public exploit identified at time of analysis and no CISA KEV listing.

Denial Of Service Net 10 0 Net 8 0 +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in Microsoft Excel (2016, Office 2019, Office LTSC 2021/2024, Microsoft 365 Apps, Office for Mac, and Office Online Server) arises from a use-after-free memory corruption (CWE-416) that an attacker triggers when a victim opens a maliciously crafted spreadsheet. Exploitation runs code in the context of the current user and requires user interaction (opening the file), with no public exploit identified at time of analysis. This is a locally-exploited, phishing-delivered class of bug typical of Office file-format handlers, patched by Microsoft via MSRC.

Use After Free Memory Corruption Denial Of Service +10
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Remote code execution in the Windows Reliable Multicast Transport Driver (RMCAST) lets an unauthenticated network attacker trigger a use-after-free (CWE-416) and run arbitrary code on a broad range of Windows 10, Windows 11, and Windows Server systems (Server 2012 through Server 2025). Rated CVSS 8.1, the flaw carries high impact to confidentiality, integrity, and availability but requires winning a race condition (AC:H), and no public exploit identified at time of analysis. Reported by Microsoft with a vendor patch available.

Use After Free Memory Corruption Denial Of Service +18
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Denial of service in Windows Active Directory (spanning Windows 10, Windows 11, and Windows Server 2012 through 2025) lets a remote, unauthenticated attacker send crafted network traffic that drives an AD service into an infinite loop, exhausting CPU and rendering domain services unavailable. Because the CVSS vector is AV:N/AC:L/PR:N/UI:N with high availability impact and no confidentiality or integrity loss, this is a pure availability threat against domain controllers. Microsoft has released a patch; there is no public exploit identified at time of analysis and no CISA KEV listing.

Microsoft Denial Of Service Windows 10 Version 1607 +17
NVD
EPSS 2% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Win32K (the kernel-mode GUI subsystem) allows an authenticated local user to elevate to SYSTEM by triggering a use-after-free (CWE-416) memory corruption condition. The flaw affects a broad range of supported builds spanning Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 through 2025, including Server Core installations. Microsoft has released a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH Exploit Unlikely This Month

Privilege escalation via use-after-free in the Windows USB Print Driver affects Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025, requiring physical access to exploit. An attacker with hands-on access to a target machine can trigger a memory corruption condition through the USB print subsystem to achieve full local privilege escalation - High confidentiality, integrity, and availability impact per CVSS. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Use After Free Memory Corruption Denial Of Service +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Quality Windows Audio/Video Experience (QWAVE) service lets an already-authenticated, low-privileged user elevate to higher privileges by exploiting a use-after-free (CWE-416) memory-corruption condition. The flaw spans a broad range of builds from Windows 10 1607 and Windows Server 2012 through Windows 11 26H1 and Windows Server 2025. Microsoft has released a patch; there is no public exploit identified at time of analysis, and the CVSS 3.1 base score is 7.0 (AV:L/AC:H/PR:L).

Use After Free Memory Corruption Denial Of Service +19
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Hyper-V (CWE-416 use-after-free) allows an authenticated attacker already running low-privileged code on an affected host to elevate to higher privileges, with full confidentiality, integrity, and availability impact. Reported by Microsoft and affecting a broad range of Windows 10, Windows 11, and Windows Server builds including Server 2019/2022/2025. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +12
NVD
EPSS 1% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Uncontrolled resource allocation in Microsoft's ASP.NET Core OData libraries (Microsoft.AspNetCore.OData and Microsoft.AspNet.OData) lets a remote, unauthenticated attacker exhaust server resources and cause a denial of service over the network. Any web application or API exposing OData query endpoints built on the affected packages is at risk, and the CVSS 7.5 rating reflects a high-availability impact with no confidentiality or integrity compromise. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Denial Of Service Aspnet Odata Aspnetcore Odata
NVD
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Microsoft Windows Kernel (Windows 11 version 26H1) lets an already-authenticated low-privileged user corrupt kernel memory through a use-after-free condition and gain SYSTEM-level control. Microsoft self-reported the flaw and has shipped a patch; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The CVSS 7.8 (High) score reflects full confidentiality, integrity, and availability compromise achievable entirely from a local, low-privilege foothold with no user interaction.

Use After Free Memory Corruption Denial Of Service +2
NVD
EPSS 0% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Local privilege elevation in the Windows Speech component (Text-to-Speech / speech runtime) affects a broad range of Windows 10, Windows 11, and Windows Server releases, where a use-after-free (CWE-416) lets an already-authenticated local user corrupt memory to run code at higher privilege. Exploitation is non-trivial - it requires local access, low-level authentication, user interaction, and winning a memory-timing condition - and the CVSS 7.5 rating reflects a scope-changed, high-impact outcome. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, so this is a patch-on-cycle EoP rather than an emergency.

Use After Free Memory Corruption Denial Of Service +15
NVD
EPSS 0% CVSS 8.0
HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Windows Server 2025 DNS Server role allows a privileged, authenticated attacker to run arbitrary code over the network by triggering a use-after-free (CWE-416) memory-corruption condition. The flaw carries a CVSS 8.0 rating with a changed scope, meaning successful exploitation can affect resources beyond the vulnerable component. Microsoft has issued a patch; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Use After Free Memory Corruption Denial Of Service +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH Exploit Unlikely This Month

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service +12
NVD
Prev Page 2 of 405 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy