Skip to main content

Microsoft

17290 CVEs vendor

Monthly

CVE-2026-27910 HIGH PATCH Exploit Unlikely This Week

Windows Installer privilege escalation via improper permission handling enables authenticated local users to gain SYSTEM-level access across all supported Windows 10, 11, and Server platforms (2012-2025). The vulnerability (CWE-280: Improper Handling of Insufficient Privileges) requires low-privilege local access but offers complete system compromise with low attack complexity. CVSS 7.8 High severity reflects full confidentiality, integrity, and availability impact. Vendor-released patches are a

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27909 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Search Component affects Windows 10 (1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2012-2025) via use-after-free memory corruption (CWE-416). Authenticated local attackers with low privileges can exploit this vulnerability to gain SYSTEM-level access with low attack complexity and no user interaction required (CVSS 7.8). Vendor-released patches available for all affected versions; no public exploit identified at time of analysis.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26184 HIGH PATCH Exploit Unlikely This Week

Windows Projected File System buffer over-read allows authenticated local attackers with low privileges to escalate to high integrity, potentially achieving SYSTEM-level access across Windows 10, Windows 11, and Windows Server platforms. This CWE-126 memory disclosure vulnerability scores 7.8 CVSS with straightforward exploitation (low complexity, no user interaction), affecting extensive Windows infrastructure from legacy 1809 through current 26H1 builds. No public exploit identified at time of

Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26182 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) allows authenticated low-privilege users to gain SYSTEM-level access through use-after-free memory corruption. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025, including Server Core installations. Vendor-released patches available across all affected platforms. No public exploit identified at time of analysis, though high-complexity local exploitation (CVSS AC:H)

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-26178 HIGH PATCH Exploit Unlikely This Week

Integer size truncation in Windows Advanced Rasterization Platform (WARP) enables unauthenticated remote attackers to achieve code execution with elevated privileges across Windows 10, 11, and Server editions by persuading users to interact with malicious content. Microsoft has released security updates addressing this vulnerability across all supported Windows versions. No public exploit identified at time of analysis, though the unauthenticated remote attack vector (CVSS AV:N/PR:N) combined wi

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-26177 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock affects all supported Windows 10, 11, and Server versions through use-after-free memory corruption. Authenticated local attackers with low privileges can exploit this CWE-416 vulnerability to gain SYSTEM-level access, achieving high impact to confidentiality, integrity, and availability. Vendor-released patches are available across all affected platforms. No public exploit identified at time of analysis, though the high

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-26176 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Client Side Caching driver (csc.sys) allows authenticated users with low privileges to gain SYSTEM-level access via heap-based buffer overflow exploitation. Affects all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025). Vendor-released patches are available from Microsoft as of early 2026. No public exploit identified at time of analysis, though the straightforward attack complexity (AC:L) and no user interaction requirement (

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26173 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) across Windows 10, 11, and Server 2012-2025 allows low-privileged authenticated attackers to gain SYSTEM-level access via race condition exploitation. The vulnerability affects widespread Windows deployments spanning a decade of operating system versions, from Server 2012 (6.2.9200.0) through Windows 11 26H1 and Server 2025. Microsoft has released patches for all affected versions. No public exploit identified

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-26172 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Push Notifications service affects Windows 10 21H2/22H2, Windows 11 22H3-26H1, and Windows Server 2022/2025 via race condition vulnerability. Authenticated low-privilege attackers can gain SYSTEM-level privileges through improper synchronization during concurrent operations (CWE-362). CVSS 7.8 (High) with high attack complexity (AC:H) and scope change (S:C). No public exploit identified at time of analysis. Microsoft released patches in January 2026 security

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26170 HIGH PATCH Exploit Unlikely This Week

Microsoft PowerShell privilege escalation affecting Windows 10/11 and Server 2016-2025 allows authenticated local attackers with low privileges to gain SYSTEM-level access through improper input validation (CWE-20). The vulnerability has a CVSS score of 7.8 with low attack complexity and requires no user interaction, enabling straightforward exploitation by any standard user account. No public exploit identified at time of analysis, though the attack vector's simplicity (AV:L/AC:L/PR:L/UI:N) sug

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26169 MEDIUM PATCH Exploit Likely This Month

Buffer over-read in Windows Kernel Memory allows authenticated local attackers to disclose sensitive kernel information with high confidence. CVE-2026-26169 affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2016 through 2025. The vulnerability requires local access and low-level user privileges but does not enable privilege escalation or code execution. Microsoft has released vendor patches addressing the issue across all affected versions.

Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-26168 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) allows authenticated attackers with low privileges to gain SYSTEM-level access through a race condition vulnerability. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. Vendor-released patches available across all affected product lines. Attack complexity rated high (AC:H) but enables full system compromise with changed scope (S:C), indicating container/hypervisor escape potential. No public exploit identified at time of analysis, though the race condition class (CWE-362) is well-understood by exploit developers.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26163 HIGH PATCH Exploit Unlikely This Week

Windows Kernel double free vulnerability enables local privilege escalation across Windows 10, 11, and Server editions when exploited by authenticated users with low-level privileges. The CWE-415 flaw affects all currently supported Windows versions from legacy Windows Server 2012 R2 through the latest Windows 11 26H1 and Windows Server 2025 builds. With CVSS 7.8 (AV:L/AC:L/PR:L), the vulnerability requires only local access and low-privilege authentication, making it valuable for second-stage a

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26159 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Remote Desktop Licensing Service (affecting Windows 10 1607 through Windows Server 2025) allows low-privileged authenticated users to gain SYSTEM-level access by exploiting missing authentication on critical service functions. The vulnerability (CWE-306) requires local access and low-privilege credentials but enables complete system compromise with low attack complexity. Vendor-released patches are available across all affected Windows versions. No public ex

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26156 HIGH PATCH Exploit Unlikely This Week

Heap-based buffer overflow in Windows Hyper-V enables local code execution with high impact across Windows 10, Windows 11, and Windows Server environments. An unauthenticated attacker with local access can trigger the vulnerability through user interaction (CVSS:3.1 AV:L/AC:L/PR:N/UI:R), achieving full system compromise (C:H/I:H/A:H). Microsoft has released patches addressing 17 affected Windows versions ranging from legacy Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. No publ

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26153 HIGH PATCH Exploit Unlikely This Week

Out-of-bounds read in Windows Encrypting File System (EFS) enables low-privileged local attackers to escalate to SYSTEM privileges on Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2019/2022/2025. The vulnerability (CWE-125) requires local access and low-level privileges but no user interaction, yielding complete system compromise with high impact to confidentiality, integrity, and availability (CVSS 7.8). Vendor-released patches are available

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26152 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Cryptographic Services affects Windows 10, Windows 11, and Windows Server versions from 2012 through 2025 due to insecure storage of cryptographic material. Authenticated attackers with low privileges can exploit this CWE-922 weakness (insecure storage of sensitive information) to gain high-level access to confidentiality, integrity, and availability. Microsoft has released patches for all affected versions. No public exploit identified at time of analysis,

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-26143 HIGH PATCH Exploit Unlikely This Week

Authentication bypass in Microsoft PowerShell 7.4 (versions prior to 7.4.14) and 7.5 (versions prior to 7.5.5) allows local attackers to bypass security features through improper input validation. The vulnerability requires user interaction but no authentication (PR:N), enabling attackers to achieve high impact across confidentiality, integrity, and availability. Microsoft has released patches addressing this security feature bypass. EPSS data not available; no confirmed active exploitation (CISA KEV) identified at time of analysis.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-23657 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word via use-after-free memory corruption affects Microsoft 365 Apps for Enterprise and Office LTSC 2024. Unauthenticated attackers can achieve full system compromise (confidentiality, integrity, availability) by inducing users to open specially crafted Word documents, triggering memory reuse vulnerabilities during document parsing. Vendor patch available via Microsoft Security Response Center. No public exploit identified at time of analysis, though CVSS 7.8 indicates high severity when user interaction occurs.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-20806 MEDIUM PATCH This Month

Type confusion in Windows COM component allows authenticated local attackers to read sensitive information from memory. The vulnerability affects Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2019/2022/2025 across multiple installation types. An attacker with local user privileges can exploit improper type handling in COM to disclose confidential data without modifying or disrupting system availability. Microsoft has released patches addressing this information disclosure risk.

Information Disclosure Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-20928 MEDIUM PATCH Exploit Unlikely This Month

Windows Recovery Environment Agent improperly stores sensitive information without adequate removal, allowing physical attackers to extract confidential data and bypass security features. The vulnerability affects Windows 10 versions 1607-22H2, Windows 11 versions 22H3-26H1, Windows Server 2016-2025, and Server Core installations across multiple builds. Microsoft has released vendor patches to remediate the information disclosure.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
4.6
EPSS
0.2%
CVE-2026-33826 HIGH PATCH NEWS Exploit Likely This Week

Remote code execution in Windows Active Directory Domain Services affects all supported Windows Server versions (2012 R2 through 2025) when an authenticated attacker with low privileges on an adjacent network sends specially crafted requests to domain controllers. The vulnerability stems from improper input validation (CWE-20) and enables complete system compromise with high impact to confidentiality, integrity, and availability. Patch available per vendor advisory; no public exploit identified at time of analysis. CVSS 8.0 severity reflects adjacent network attack vector requiring low-privilege authentication but trivial attack complexity with no user interaction.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
8.0
EPSS
0.4%
CVE-2026-33825 HIGH POC KEV PATCH THREAT Exploit Likely Act Now

Privilege escalation in Microsoft Defender Antimalware Platform versions before 4.18.26030.3011 allows authenticated local attackers to gain elevated system privileges through insufficiently granular access controls. CVSS 7.8 (High) reflects local attack vector requiring low privileges. EPSS score of 0.04% (12th percentile) indicates low probability of widespread exploitation. Microsoft has released a patched version (4.18.26030.3011) addressing the access control deficiency.

Information Disclosure Microsoft
NVD VulDB GitHub
CVSS 3.1
7.8
EPSS
0.0%
Threat
5.5
CVE-2026-33822 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office Word enables local information disclosure when a user opens a malicious document, affecting Microsoft 365 Apps for Enterprise and Office LTSC for Mac 2021/2024. The vulnerability requires user interaction (document opening) but does not require elevated privileges, with a CVSS score of 6.1 reflecting moderate severity. Microsoft has released patches addressing this issue across affected product lines.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-33098 HIGH PATCH This Week

Local privilege escalation in Windows Container Isolation FS Filter Driver affects all supported Windows 10, Windows 11, and Windows Server versions through use-after-free memory corruption. Low-complexity attack requires only low-privileged local access to achieve full system compromise (SYSTEM-level privileges). Microsoft has released patches for all affected versions. No public exploit identified at time of analysis, but the low attack complexity (AC:L) and requirement for only low privileges

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-33096 HIGH PATCH Exploit Unlikely This Week

Denial of service in Windows HTTP.sys kernel-mode driver allows unauthenticated remote attackers to crash affected systems via malformed HTTP requests. Affects all currently supported Windows 11 versions (22H2 through 26H1) and Windows Server 2022/2025 editions. The vulnerability stems from an out-of-bounds read (CWE-125) triggered when HTTP.sys processes specially crafted network packets without authentication (CVSS AV:N/PR:N). Vendor-released patches available for all affected versions with specific build numbers identified. No public exploit identified at time of analysis, though low attack complexity (AC:L) suggests straightforward exploitation once technical details emerge.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33095 HIGH PATCH Exploit Unlikely This Week

Use-after-free memory corruption in Microsoft Office Word enables local code execution with high privileges when victims open malicious documents. Affects Microsoft 365 Apps for Enterprise and Office LTSC 2021/2024 for Windows and Mac (versions below 16.108.26041219 for Mac; click-to-run editions require latest security updates). CVSS 7.8 reflects local attack vector requiring user interaction, but exploitation grants complete system compromise (confidentiality, integrity, availability all rated High). No public exploit identified at time of analysis, though use-after-free vulnerabilities are well-understood exploitation primitives. Vendor-released patch available through Microsoft security updates.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-32224 HIGH PATCH This Week

Local privilege escalation in Windows Server Update Service (WSUS) on Windows 11 version 26H1 allows low-privileged authenticated users to gain SYSTEM-level access via use-after-free memory corruption. Exploitation requires local access and high attack complexity (CVSS AC:H), indicating timing-dependent or race condition triggers. Microsoft has released patch version 10.0.28000.1836 to address this vulnerability. No public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32223 MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Windows USB Print Driver allows local privilege escalation via physical device access. Affects Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025, with patch available from Microsoft. Attack requires physical USB access and no user interaction; no public exploit identified at time of analysis.

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-32222 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Win32K ICOMP component via untrusted pointer dereference allows low-privileged authenticated users to achieve SYSTEM-level access on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The vulnerability requires local access and low-privilege credentials (PR:L) but no user interaction, with confirmed patch availability from Microsoft. CVSS 7.8 reflects complete compromise of confidentiality, integrity, and availability. No public exploit identified at tim

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32221 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Graphics Component across Windows 11 24H2/25H2/26H1 and Server 2025 enables unauthenticated local attackers to execute arbitrary code with high integrity via heap-based buffer overflow exploitation. CVSS 8.4 (High) reflects low attack complexity and no user interaction requirement, though local access is necessary. EPSS data unavailable; no CISA KEV listing or public exploit identified at time of analysis, but the low complexity (AC:L) and no-auth requirement (PR:N) make this highly attractive for post-compromise escalation.

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-32220 MEDIUM PATCH Exploit Unlikely This Month

Windows Virtualization-Based Security (VBS) Enclave in Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025 allows high-privileged local attackers to bypass security features through improper access control, resulting in integrity compromise without requiring user interaction. A vendor-released patch is available from Microsoft's security updates.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-32219 HIGH PATCH This Week

Double free vulnerability in Microsoft Brokering File System enables local privilege escalation on Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025. Low-privileged authenticated users can exploit memory corruption (CWE-415) to gain SYSTEM-level access with high attack complexity. Microsoft has released patches addressing builds prior to 10.0.26100.32690 (24H2/Server 2025), 10.0.26200.8246 (25H2), and 10.0.28000.1836 (26H1). EPSS score of 0.04% (11th percentile) and SSVC assessment of no active exploitation suggest low immediate threat despite 7.0 CVSS score, though CISA classifies technical impact as total (complete system compromise).

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32218 MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that authenticated local users can read, enabling information disclosure on Windows 10 (versions 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2022, and Windows Server 2025. An attacker with local user privileges can access kernel log files to retrieve confidential data such as credentials, cryptographic material, or system secrets. Microsoft has released patches addressing this log injection vulnerability; no public exploit code or active exploitation has been confirmed.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-32217 MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that can be read by local authenticated users, allowing information disclosure on Windows 10 and Windows 11 systems across multiple versions as well as Windows Server 2012 through 2025. The vulnerability requires local access and valid user credentials (privilege level L) but results in high confidentiality impact. Microsoft has released patches for all affected versions.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-32216 MEDIUM PATCH Exploit Unlikely This Month

Null pointer dereference in Windows Redirected Drive Buffering denies service to local authenticated users on Windows 11 version 26H1 (build 10.0.28000.0-10.0.28000.1835). An authorized attacker with local access can trigger the vulnerability to crash the affected system component, though code execution is not possible. Vendor-released patch available; no public exploit code identified at time of analysis.

Denial Of Service Null Pointer Dereference Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32215 MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that authenticated local users can read, enabling information disclosure on Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2019, 2022, and 2025. An authorized local attacker with user-level privileges can access kernel log files to retrieve confidential data without elevated rights or user interaction. Microsoft has released patches addressing this CWE-532 insertion-of-sensitive-information vulnerability with specific build fixes across all affected editions.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-32202 MEDIUM POC KEV PATCH THREAT Exploit Likely Act Now

Windows Shell protection mechanism failure (CVE-2026-32202) allows remote attackers to perform spoofing attacks over a network without authentication, requiring only user interaction. This low-severity vulnerability affects multiple Windows versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through 2025. While not actively exploited in the wild, vendor patches are available across all affected versions, and the low CVSS score (4.3) reflects limited confidentiality impact and no availability impact despite the network-accessible attack vector.

Authentication Bypass Microsoft
NVD VulDB GitHub Exploit-DB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2026-32195 HIGH PATCH Exploit Unlikely This Week

Stack-based buffer overflow in the Windows Kernel enables low-privileged local attackers to escalate to SYSTEM privileges on Windows 11 version 26H1 (build 10.0.28000.0 through 10.0.28000.1835). Despite CVSS 7.0 (High), the attack complexity is high (AC:H) and requires local access with low-level privileges (PR:L). Vendor-released patch available via Microsoft Security Response Center (build 10.0.28000.1836). No public exploit identified at time of analysis, though CWE-121 stack overflows are well-understood vulnerability classes with established exploitation techniques.

Stack Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32192 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Azure Monitor Agent versions prior to 1.41.0 exploits insecure deserialization of untrusted data, allowing authenticated local attackers with low privileges to achieve full system compromise (high confidentiality, integrity, and availability impact). CVSS 7.8 severity reflects local attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis, though the vulnerability class (CWE-502) is well-understood and frequently targeted. Microsoft has released patch version 1.41.0 to address this flaw.

Deserialization Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-32189 HIGH PATCH Exploit Unlikely This Week

Microsoft Excel memory corruption via use-after-free enables arbitrary code execution when victims open malicious spreadsheet files. This vulnerability affects all major Office deployments including Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, and Office LTSC 2021/2024 for both Windows and macOS, as well as Office Online Server. Attackers require user interaction to open a crafted file, but no authentication is needed (CVSS PR:N), making this exploitable through phishing or file-sharing attacks. Vendor patches are available through Microsoft Security Response Center. No public exploit or active exploitation confirmed at time of analysis, though the straightforward attack vector (local file + user click) and high impact (code execution with full system privileges) warrant prompt patching.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-32188 HIGH PATCH Exploit Unlikely This Week

Out-of-bounds read vulnerability (CWE-125) in Microsoft Excel allows local attackers to disclose sensitive memory contents and cause denial of service through maliciously crafted spreadsheet files with user interaction. Affects Microsoft Office 2016/2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office Online Server across Windows and macOS platforms. CVSS 7.1 reflects high confidentiality and availability impact with low attack complexity but requires local access and user interaction. No public exploit identified at time of analysis. Vendor-released patches available through Microsoft Security Response Center covering all affected Office product lines.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2026-32184 HIGH PATCH Exploit Unlikely This Week

Deserialization of untrusted data in Microsoft HPC Pack 2019 enables authenticated local attackers to escalate privileges to SYSTEM level. Affects all versions below 6.3.8355. Vendor-released patch available via Microsoft Security Response Center. CVSS 7.8 reflects high impact (complete system compromise) with low attack complexity requiring only low-level authenticated access. No public exploit identified at time of analysis, though CWE-502 deserialization flaws are well-understood and commonly weaponized once technical details emerge.

Deserialization Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2026-32183 HIGH PATCH Exploit Unlikely This Week

Command injection in Windows Snipping Tool allows local code execution when an unauthorized attacker convinces a user to open a specially crafted file. This vulnerability affects all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025), requiring user interaction but no authentication (PR:N). No public exploit identified at time of analysis, though the local attack vector and user interaction requirement limit immediate remote threat. CVSS 7.8 reflects high impact ac

Command Injection Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-32181 MEDIUM PATCH Exploit Unlikely This Month

Improper privilege management in Microsoft Windows allows authenticated local attackers to deny service by exploiting a privilege escalation flaw affecting Windows 10 versions 21H2 and 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2022 and 2025. The vulnerability requires local access and valid credentials but does not permit code execution or data manipulation. CVSS 5.5 reflects moderate severity; CISA SSVC framework rates exploitation as none with partial technical impact, indicating this is not currently a priority threat despite patch availability.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32168 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Azure Monitor Agent versions prior to 1.35.9 enables authenticated users to gain elevated system privileges through improper input validation flaws. The vulnerability requires low attack complexity and no user interaction, allowing low-privileged attackers with local access to achieve complete system compromise (high confidentiality, integrity, and availability impact). EPSS data not available; no public exploit identified at time of analysis; SSVC framework indicates total technical impact but no active exploitation and non-automatable exploitation vector.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-32165 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows User Interface Core across Windows 10, 11, and Server 2019-2025 allows low-privileged authenticated attackers to achieve SYSTEM-level access via use-after-free memory corruption. The vulnerability requires high attack complexity and local access but enables container escape (scope change) with full confidentiality, integrity, and availability impact. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the use-after-free primitive is a well-understood exploitation technique.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0390 MEDIUM PATCH Exploit Likely This Month

Windows Boot Loader accepts untrusted inputs for security decisions, allowing authorized local attackers to bypass security features with high confidentiality, integrity, and availability impact. This authentication bypass vulnerability (CVSS 6.7) affects Windows 10 versions 1607, 1809, 21H2, and 22H2, as well as Windows Server 2016, 2019, and 2022. Microsoft has released patches addressing the root cause of reliance on untrusted security-critical inputs.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
6.7
EPSS
0.1%
CVE-2026-32160 HIGH PATCH This Week

Local privilege escalation in Windows Push Notifications service affects Windows 10 (1809-22H2), Windows 11 (22H3-26H1), and Windows Server 2019-2025 via race condition in shared resource synchronization. Low-privileged authenticated users can exploit timing vulnerabilities in notification handling to elevate to SYSTEM-level privileges with high confidentiality, integrity, and availability impact (scope change to other security contexts). CVSS 7.8 (high complexity, local vector). Vendor-released

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32159 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Push Notifications service affects all supported Windows 10, 11, and Server versions through a race condition that allows low-privileged authenticated users to gain SYSTEM-level access. The vulnerability (CWE-362) stems from improper synchronization when multiple threads access shared resources in the notification subsystem. Attack complexity is high (AC:H), requiring precise timing to win the race, but successful exploitation grants complete system compromise wit

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32158 HIGH PATCH This Week

Privilege escalation in Windows Push Notifications service across Windows 10, 11, and Server versions (1809 through 26H1) allows low-privileged local attackers to gain SYSTEM-level access via race condition exploitation. The vulnerability stems from improper synchronization when multiple threads access shared resources in the notification framework, enabling scope escape from user context to elevated privileges. Vendor-released patches are available for all affected versions. No public exploit i

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32156 HIGH PATCH Exploit Unlikely This Week

Local code execution in Windows Universal Plug and Play (UPnP) Device Host across all supported Windows 10, 11, and Server versions allows unauthenticated attackers to achieve high-impact compromise via use-after-free memory corruption. The vulnerability affects Windows 10 versions 1607 through 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2012 through 2025 (including Server Core installations). Despite requiring local access and high attack complexity (CVSS:3.1/AV:L/AC:H), the

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-32090 HIGH PATCH This Week

Local privilege escalation in Windows Speech Brokered API allows authenticated users with low privileges to gain SYSTEM-level access via race condition exploitation. Affects all supported Windows 10, Windows 11, and Windows Server versions (2016-2025). Microsoft released patches in May 2025 across 17 product variants. Despite CVSS 7.8 severity, EPSS score is low (0.04%, 12th percentile) indicating minimal observed exploitation activity. No active exploitation confirmed (not in CISA KEV) and no public exploit code identified at time of analysis.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32089 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Speech Brokered API allows authenticated users to gain SYSTEM-level access via use-after-free memory corruption. All supported Windows 10, Windows 11, and Windows Server versions (2016-2025) are affected. Microsoft released patches in their April 2026 security update cycle. EPSS score of 0.04% (12th percentile) indicates low exploitation likelihood in the wild, and no active exploitation or public exploit code has been identified at time of analysis.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-32085 MEDIUM PATCH This Month

Windows Remote Procedure Call (RPC) discloses sensitive information to local authenticated users in Windows 10, Windows 11, and Windows Server 2016-2025. An authorized attacker with local access and limited privileges can read confidential data without user interaction, affecting multiple Windows editions across a 9-year product span. Patch availability confirmed from Microsoft; no active exploitation reported.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32083 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows SSDP Service (all Windows 10, 11, and Server versions from 2012 onwards) enables low-privileged authenticated users to gain SYSTEM-level access by exploiting a race condition in shared resource handling. The vulnerability requires low privileges and high attack complexity (CVSS AC:H), resulting in complete compromise of confidentiality, integrity, and availability. Vendor-released patches are available for all affected versions with specific build numbers pr

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32082 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows SSDP Service across Windows 10, Windows 11, and Windows Server 2012-2025 allows authenticated users with low privileges to gain SYSTEM-level access by exploiting a race condition in shared resource handling. Attack complexity is high (AC:H), requiring precise timing to win the race window. Patch available per vendor advisory; no public exploit identified at time of analysis.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32081 MEDIUM PATCH This Month

Windows File Explorer information disclosure vulnerability in Windows 10 and Windows 11 allows authenticated local users to access sensitive information without authorization. The vulnerability affects multiple Windows 10 versions (1607, 1809, 21H2, 22H2), Windows 11 versions (22H3 through 26H1), and Windows Server 2016 through 2025. Microsoft has released patches addressing this CWE-200 information exposure flaw, with no evidence of active exploitation at the time of analysis.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32075 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Windows Universal Plug and Play (UPnP) Device Host allows authenticated attackers with low privileges to achieve system-level access through use-after-free memory corruption. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. Microsoft has released patches across all affected product lines. No public exploit identified at time of analysis, though the local attack vector and authentication requirement (PR:L) limit immedi

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32073 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation via use-after-free in Windows Ancillary Function Driver for WinSock (AFD.sys) affects all supported Windows versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012-2025. Authenticated local attackers with low privileges can exploit memory corruption to gain SYSTEM-level access, though high attack complexity suggests reliable exploitation requires sophisticated techniques. Vendor-released patches are available across all affected versions. No publi

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32071 HIGH PATCH Exploit Unlikely This Week

Remote denial-of-service in Windows Local Security Authority Subsystem Service (LSASS) allows unauthenticated network attackers to crash Windows systems through null pointer dereference exploitation. Affects Windows 10 (versions 1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2016-2025) across multiple release channels. Microsoft has released patches for all affected versions. No public exploit identified at time of analysis, but the low attack complexity (AC:L) and unauthenticated netwo

Denial Of Service Null Pointer Dereference Microsoft
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-27931 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Windows GDI (Graphics Device Interface) allows local attackers to disclose sensitive information without authentication. The vulnerability affects Windows 10 versions 21H2 and 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2022/2025, requiring user interaction to trigger. Microsoft has released patches for all affected versions, with specific build numbers provided for remediation.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27929 HIGH PATCH Exploit Unlikely This Week

Windows LUAFV driver privilege escalation via TOCTOU race condition allows authenticated local attackers with low privileges to gain SYSTEM-level access across all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025). The vulnerability requires high attack complexity to exploit the narrow timing window between security checks and file operations. Vendor-released patch available across all affected platforms. No public exploit identified at time of analysis, though th

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-27927 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Projected File System across Windows 10, 11, and Server versions allows authenticated local users to gain SYSTEM-level privileges by exploiting a race condition during concurrent file system operations. Affects all currently supported Windows versions from Server 2019 through Windows 11 26H1. Microsoft released patches in their latest security update cycle. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and minimal privil

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27926 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Cloud Files Mini Filter Driver (all Windows 10/11 and Server 2019/2022/2025 versions) allows low-privileged authenticated users to gain SYSTEM-level access through a race condition vulnerability. Attack requires high complexity timing manipulation of shared resources in the kernel-mode filter driver. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the authenticated local attack vector and detailed version-specific fix data suggest moderate real-world deployment risk in multi-user Windows environments.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-27921 HIGH PATCH Exploit Likely This Week

Local privilege escalation in Windows TCP/IP stack across Windows 10, 11, and Server editions allows low-privileged authenticated users to gain SYSTEM-level access by exploiting a race condition in shared resource synchronization. This CWE-362 flaw affects every supported Windows version from legacy Server 2012 through cutting-edge Windows 11 26H1, with vendor-released patches available. The local attack vector (AV:L) and high complexity (AC:H) reduce immediate mass-exploitation risk, though the

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-27919 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Universal Plug and Play (UPnP) Device Host affects all supported Windows versions from Server 2012 through Windows 11 26H1 and Server 2025. Authenticated local attackers with low privileges can exploit an untrusted pointer dereference (CWE-822) to achieve complete system compromise with high impact to confidentiality, integrity, and availability. Microsoft has released patches for all affected versions. No public exploit identified at time of analysis, thoug

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27918 HIGH PATCH Exploit Unlikely This Week

Windows Shell privilege escalation affects Windows 10 (1809+), Windows 11 (all versions through 26H1), and Windows Server 2019-2025 via a race condition vulnerability (CWE-362). Local authenticated attackers with low-privilege access can exploit concurrent execution flaws to gain SYSTEM-level privileges with low attack complexity and no user interaction required (CVSS 7.8). Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though t

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27917 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) across Windows 10, 11, and Server 2012 R2-2025 allows authenticated attackers with low privileges to gain SYSTEM-level access via use-after-free memory corruption. Microsoft released patches addressing versions from Windows 10 1607 through Windows 11 26H1 and Server 2012 R2 through Server 2025. CVSS 7.0 rating reflects high attack complexity; no public exploit identified at time of analysis. EPSS data not prov

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-27915 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation via use-after-free memory corruption in Windows Universal Plug and Play (UPnP) Device Host affects all supported Windows versions from Server 2012 through Windows 11 26H1. Authenticated local attackers with low privileges can exploit this CWE-416 flaw to gain SYSTEM-level access with low attack complexity (CVSS:3.1 AV:L/AC:L/PR:L). Vendor-released patches are available across all affected Windows 10, Windows 11, and Windows Server product lines. No public exploit code

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27908 HIGH PATCH Exploit Likely This Week

Use-after-free in Windows TDI Translation Driver (tdx.sys) allows local privilege escalation to SYSTEM by authenticated low-privileged users on Windows 10/11 and Server 2012-2025. Microsoft has released security updates addressing this CWE-416 memory corruption flaw across all supported Windows versions. CVSS 7.0 reflects high attack complexity but full system compromise if successfully exploited. No public exploit identified at time of analysis, though the vulnerability's local attack vector an

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-27907 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Storage Spaces Controller across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025 allows low-privileged authenticated users to achieve SYSTEM-level access via an integer underflow vulnerability. The flaw enables complete compromise of confidentiality, integrity, and availability on affected systems. EPSS risk data not available; no public exploit identified at time of analysis. Vendor-released patches are available for all affected versions.

Information Disclosure Integer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-27906 MEDIUM PATCH Exploit Likely This Month

Windows Hello biometric authentication can be bypassed by high-privileged local attackers through improper input validation, allowing unauthorized access to authentication mechanisms. This affects Windows 10 versions 21H2 and 22H2, and Windows 11 versions 22H3 through 26H1. The vulnerability requires administrative or SYSTEM-level privileges to exploit and does not enable remote exploitation, but represents a significant risk in multi-user or compromised-admin scenarios where biometric security is the primary defense mechanism.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
CVE-2026-26183 HIGH PATCH Exploit Unlikely This Week

Windows RPC API privilege escalation affects all supported Windows Server versions (2012 through 2025) due to improper access control (CWE-284). Low-privileged local attackers can achieve complete system compromise (high confidentiality, integrity, and availability impact) with low attack complexity and no user interaction required. Vendor-released patches are available across all affected Server Core and standard installations. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and clear attack path increase weaponization risk.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26181 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Brokering File System on Windows 11 and Windows Server 2022/2025 allows authenticated users with low privileges to gain SYSTEM-level access via use-after-free memory corruption. The vulnerability affects all actively supported Windows 11 versions (22H3 through 26H1) and recent Windows Server editions. Exploitation requires local access and low-level user privileges (PR:L) but has low attack complexity (AC:L), enabling reliable exploitation once local access is obtained. No public exploit identified at time of analysis, though the use-after-free weakness class is well-understood by attackers.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26180 HIGH PATCH Exploit Unlikely This Week

Heap-based buffer overflow in the Windows Kernel enables local privilege escalation to SYSTEM on Windows 10 (versions 1607 through 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server (2012 through 2025). Authenticated local attackers with low privileges can exploit this memory corruption vulnerability to gain complete system control. Microsoft has released patches addressing 21 affected product versions. No public exploit identified at time of analysis, though the local attack vec

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26179 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel via double free vulnerability enables low-privileged authenticated users to gain SYSTEM-level access across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025. The vulnerability requires local access and low privileges (PR:L) but presents low attack complexity (AC:L) with no user interaction required. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the straightforward attack complexity and severe impact make this a priority for patching in enterprise environments.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26175 MEDIUM PATCH Exploit Unlikely This Month

Windows Boot Manager contains an uninitialized resource vulnerability (CWE-908) that allows unauthorized attackers to bypass security features through physical access to affected systems. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), and Windows Server 2016/2019/2022/2025. While the CVSS score of 4.6 reflects the physical attack vector requirement and information disclosure impact, the authentication bypass nature comb

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
4.6
EPSS
0.2%
CVE-2026-26174 HIGH PATCH Exploit Unlikely This Week

Windows Server Update Service (WSUS) race condition enables local privilege escalation to SYSTEM on Windows 10, 11, and Server 2012-2025. Authenticated users with low-level privileges can exploit improper synchronization in concurrent execution paths to gain full system control. Attack complexity is high (AC:H), requiring precise timing to win the race window. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the high CVSS 7.0 s

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-26167 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Push Notifications across Windows 10/11 and Server 2016-2025 allows low-privileged authenticated users to gain SYSTEM-level access via race condition exploitation. The vulnerability affects all currently supported Windows versions with confirmed vendor patches available. Attack complexity is low with no user interaction required, enabling straightforward exploitation once local access is obtained. The scope change (S:C) indicates the attacker can impact reso

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-26166 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Shell via double-free memory corruption allows low-privileged authenticated users to gain SYSTEM-level access across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025 environments. The CWE-415 double-free vulnerability requires high attack complexity but no user interaction, enabling complete system compromise once exploited. Vendor-released patches are available with specific build numbers identified for each affected version. No public exploit identified at time of analysis, though the CVSS 7.0 score reflects significant impact potential when successfully exploited.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-26165 HIGH PATCH Exploit Unlikely This Week

Windows Shell use-after-free memory corruption enables local privilege escalation to SYSTEM on Windows 11 (all versions 22H3 through 26H1) and Windows Server 2022/2025. Authenticated low-privileged users can exploit freed memory references in Shell components despite high attack complexity requirements. Vendor-released patches address all affected versions. EPSS data not available; no public exploit identified at time of analysis, though the vulnerability class (CWE-416) is well-understood and commonly weaponized in Windows privilege escalation chains.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-26162 HIGH PATCH Exploit Unlikely This Week

Type confusion in Windows OLE (Object Linking and Embedding) enables authenticated local attackers to escalate privileges across all supported Windows 10, 11, and Server versions (2012-2025). The memory corruption flaw allows low-privileged users to execute code with elevated permissions through incompatible type handling. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and lack of user interaction (UI:N) make this accessible to attackers with basic local access.

Information Disclosure Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26161 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Sensor Data Service affects all supported Windows 10, Windows 11, and Windows Server versions through untrusted pointer dereference (CWE-822). Authenticated local attackers with low-privilege accounts can exploit this vulnerability with low complexity to gain SYSTEM-level privileges, achieving full compromise of confidentiality, integrity, and availability. Vendor-released patches are available across all affected product lines. No public exploit identified

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26160 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Remote Desktop Licensing Service affects all supported Windows 10, Windows 11, and Windows Server versions (2012-2025) via missing authentication on a critical function. Authenticated local attackers with low privileges can exploit this CWE-306 authentication bypass to gain SYSTEM-level access with high impact to confidentiality, integrity, and availability (CVSS 7.8). Patch available per vendor; no public exploit identified at time of analysis. The wide foo

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26155 MEDIUM PATCH Exploit Unlikely This Month

Microsoft Local Security Authority Subsystem Service (LSASS) information disclosure vulnerability allows authenticated network attackers to read sensitive memory contents via a bounds check bypass in the LSASS process. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2016, 2019, 2022, and 2025. No public exploit code or active exploitation has been reported; vendor-released patches are available across all affected versions.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-26154 HIGH PATCH Exploit Unlikely This Week

Windows Server Update Service (WSUS) fails to properly validate network inputs, allowing unauthenticated remote attackers to cause denial of service across all Windows Server versions from 2012 through 2025. The vulnerability (CVSS 7.5) enables network-based tampering with high availability impact (AV:N/AC:L/PR:N/UI:N/A:H), though confidentiality and integrity remain unaffected. Patch available per vendor advisory; no public exploit identified at time of analysis. The Authentication Bypass tag and PR:N vector confirm attackers require no credentials, making internet-exposed WSUS servers particularly vulnerable.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-26151 HIGH PATCH Exploit Likely This Week

Windows Remote Desktop spoofing vulnerability allows remote unauthenticated attackers to bypass security warnings and trick users into accepting malicious RDP connections, potentially exposing sensitive session data. Affects all supported Windows 10, 11, and Server versions from 2012 through 2025. Vendor-released patches are available. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and network attack vector (AV:N) indicate exploitation would be straight

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2026-26149 CRITICAL PATCH Exploit Unlikely Act Now

Escape sequence injection in Microsoft Power Apps versions prior to 3.26032.10.0 allows authenticated attackers with low privileges to bypass security controls and achieve remote code execution with high confidentiality, integrity, and availability impact across security boundaries. The vulnerability requires user interaction and affects Power Apps 1710 (build 9.2.23071.136 and earlier). EPSS score of 0.08% (23rd percentile) suggests low probability of mass exploitation despite critical CVSS 9.0 rating. Vendor patch available via Microsoft Security Response Center advisory.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
9.0
EPSS
0.1%
CVE-2026-23670 MEDIUM PATCH Exploit Unlikely This Month

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows authorized local attackers to bypass security features, affecting Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2016-2025. With a CVSS score of 5.7 and high privilege requirement (PR:H), the vulnerability requires administrative or high-privilege account access but presents significant confidentiality and integrity risk to isolated security domai

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
5.7
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Windows Installer privilege escalation via improper permission handling enables authenticated local users to gain SYSTEM-level access across all supported Windows 10, 11, and Server platforms (2012-2025). The vulnerability (CWE-280: Improper Handling of Insufficient Privileges) requires low-privilege local access but offers complete system compromise with low attack complexity. CVSS 7.8 High severity reflects full confidentiality, integrity, and availability impact. Vendor-released patches are a

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in Microsoft Windows Search Component affects Windows 10 (1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2012-2025) via use-after-free memory corruption (CWE-416). Authenticated local attackers with low privileges can exploit this vulnerability to gain SYSTEM-level access with low attack complexity and no user interaction required (CVSS 7.8). Vendor-released patches available for all affected versions; no public exploit identified at time of analysis.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Windows Projected File System buffer over-read allows authenticated local attackers with low privileges to escalate to high integrity, potentially achieving SYSTEM-level access across Windows 10, Windows 11, and Windows Server platforms. This CWE-126 memory disclosure vulnerability scores 7.8 CVSS with straightforward exploitation (low complexity, no user interaction), affecting extensive Windows infrastructure from legacy 1809 through current 26H1 builds. No public exploit identified at time of

Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) allows authenticated low-privilege users to gain SYSTEM-level access through use-after-free memory corruption. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025, including Server Core installations. Vendor-released patches available across all affected platforms. No public exploit identified at time of analysis, though high-complexity local exploitation (CVSS AC:H)

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Integer size truncation in Windows Advanced Rasterization Platform (WARP) enables unauthenticated remote attackers to achieve code execution with elevated privileges across Windows 10, 11, and Server editions by persuading users to interact with malicious content. Microsoft has released security updates addressing this vulnerability across all supported Windows versions. No public exploit identified at time of analysis, though the unauthenticated remote attack vector (CVSS AV:N/PR:N) combined wi

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock affects all supported Windows 10, 11, and Server versions through use-after-free memory corruption. Authenticated local attackers with low privileges can exploit this CWE-416 vulnerability to gain SYSTEM-level access, achieving high impact to confidentiality, integrity, and availability. Vendor-released patches are available across all affected platforms. No public exploit identified at time of analysis, though the high

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Client Side Caching driver (csc.sys) allows authenticated users with low privileges to gain SYSTEM-level access via heap-based buffer overflow exploitation. Affects all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025). Vendor-released patches are available from Microsoft as of early 2026. No public exploit identified at time of analysis, though the straightforward attack complexity (AC:L) and no user interaction requirement (

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) across Windows 10, 11, and Server 2012-2025 allows low-privileged authenticated attackers to gain SYSTEM-level access via race condition exploitation. The vulnerability affects widespread Windows deployments spanning a decade of operating system versions, from Server 2012 (6.2.9200.0) through Windows 11 26H1 and Server 2025. Microsoft has released patches for all affected versions. No public exploit identified

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Push Notifications service affects Windows 10 21H2/22H2, Windows 11 22H3-26H1, and Windows Server 2022/2025 via race condition vulnerability. Authenticated low-privilege attackers can gain SYSTEM-level privileges through improper synchronization during concurrent operations (CWE-362). CVSS 7.8 (High) with high attack complexity (AC:H) and scope change (S:C). No public exploit identified at time of analysis. Microsoft released patches in January 2026 security

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Microsoft PowerShell privilege escalation affecting Windows 10/11 and Server 2016-2025 allows authenticated local attackers with low privileges to gain SYSTEM-level access through improper input validation (CWE-20). The vulnerability has a CVSS score of 7.8 with low attack complexity and requires no user interaction, enabling straightforward exploitation by any standard user account. No public exploit identified at time of analysis, though the attack vector's simplicity (AV:L/AC:L/PR:L/UI:N) sug

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH Exploit Likely This Month

Buffer over-read in Windows Kernel Memory allows authenticated local attackers to disclose sensitive kernel information with high confidence. CVE-2026-26169 affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2016 through 2025. The vulnerability requires local access and low-level user privileges but does not enable privilege escalation or code execution. Microsoft has released vendor patches addressing the issue across all affected versions.

Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Ancillary Function Driver for WinSock (AFD.sys) allows authenticated attackers with low privileges to gain SYSTEM-level access through a race condition vulnerability. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. Vendor-released patches available across all affected product lines. Attack complexity rated high (AC:H) but enables full system compromise with changed scope (S:C), indicating container/hypervisor escape potential. No public exploit identified at time of analysis, though the race condition class (CWE-362) is well-understood by exploit developers.

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Windows Kernel double free vulnerability enables local privilege escalation across Windows 10, 11, and Server editions when exploited by authenticated users with low-level privileges. The CWE-415 flaw affects all currently supported Windows versions from legacy Windows Server 2012 R2 through the latest Windows 11 26H1 and Windows Server 2025 builds. With CVSS 7.8 (AV:L/AC:L/PR:L), the vulnerability requires only local access and low-privilege authentication, making it valuable for second-stage a

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Remote Desktop Licensing Service (affecting Windows 10 1607 through Windows Server 2025) allows low-privileged authenticated users to gain SYSTEM-level access by exploiting missing authentication on critical service functions. The vulnerability (CWE-306) requires local access and low-privilege credentials but enables complete system compromise with low attack complexity. Vendor-released patches are available across all affected Windows versions. No public ex

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Heap-based buffer overflow in Windows Hyper-V enables local code execution with high impact across Windows 10, Windows 11, and Windows Server environments. An unauthenticated attacker with local access can trigger the vulnerability through user interaction (CVSS:3.1 AV:L/AC:L/PR:N/UI:R), achieving full system compromise (C:H/I:H/A:H). Microsoft has released patches addressing 17 affected Windows versions ranging from legacy Windows 10 1607 through Windows 11 26H1 and Windows Server 2025. No publ

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Out-of-bounds read in Windows Encrypting File System (EFS) enables low-privileged local attackers to escalate to SYSTEM privileges on Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2019/2022/2025. The vulnerability (CWE-125) requires local access and low-level privileges but no user interaction, yielding complete system compromise with high impact to confidentiality, integrity, and availability (CVSS 7.8). Vendor-released patches are available

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Cryptographic Services affects Windows 10, Windows 11, and Windows Server versions from 2012 through 2025 due to insecure storage of cryptographic material. Authenticated attackers with low privileges can exploit this CWE-922 weakness (insecure storage of sensitive information) to gain high-level access to confidentiality, integrity, and availability. Microsoft has released patches for all affected versions. No public exploit identified at time of analysis,

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Authentication bypass in Microsoft PowerShell 7.4 (versions prior to 7.4.14) and 7.5 (versions prior to 7.5.5) allows local attackers to bypass security features through improper input validation. The vulnerability requires user interaction but no authentication (PR:N), enabling attackers to achieve high impact across confidentiality, integrity, and availability. Microsoft has released patches addressing this security feature bypass. EPSS data not available; no confirmed active exploitation (CISA KEV) identified at time of analysis.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word via use-after-free memory corruption affects Microsoft 365 Apps for Enterprise and Office LTSC 2024. Unauthenticated attackers can achieve full system compromise (confidentiality, integrity, availability) by inducing users to open specially crafted Word documents, triggering memory reuse vulnerabilities during document parsing. Vendor patch available via Microsoft Security Response Center. No public exploit identified at time of analysis, though CVSS 7.8 indicates high severity when user interaction occurs.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Type confusion in Windows COM component allows authenticated local attackers to read sensitive information from memory. The vulnerability affects Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2019/2022/2025 across multiple installation types. An attacker with local user privileges can exploit improper type handling in COM to disclose confidential data without modifying or disrupting system availability. Microsoft has released patches addressing this information disclosure risk.

Information Disclosure Memory Corruption Microsoft
NVD VulDB
EPSS 0% CVSS 4.6
MEDIUM PATCH Exploit Unlikely This Month

Windows Recovery Environment Agent improperly stores sensitive information without adequate removal, allowing physical attackers to extract confidential data and bypass security features. The vulnerability affects Windows 10 versions 1607-22H2, Windows 11 versions 22H3-26H1, Windows Server 2016-2025, and Server Core installations across multiple builds. Microsoft has released vendor patches to remediate the information disclosure.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 8.0
HIGH PATCH Exploit Likely This Week

Remote code execution in Windows Active Directory Domain Services affects all supported Windows Server versions (2012 R2 through 2025) when an authenticated attacker with low privileges on an adjacent network sends specially crafted requests to domain controllers. The vulnerability stems from improper input validation (CWE-20) and enables complete system compromise with high impact to confidentiality, integrity, and availability. Patch available per vendor advisory; no public exploit identified at time of analysis. CVSS 8.0 severity reflects adjacent network attack vector requiring low-privilege authentication but trivial attack complexity with no user interaction.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% 5.5 CVSS 7.8
HIGH POC KEV PATCH THREAT Exploit Likely Act Now

Privilege escalation in Microsoft Defender Antimalware Platform versions before 4.18.26030.3011 allows authenticated local attackers to gain elevated system privileges through insufficiently granular access controls. CVSS 7.8 (High) reflects local attack vector requiring low privileges. EPSS score of 0.04% (12th percentile) indicates low probability of widespread exploitation. Microsoft has released a patched version (4.18.26030.3011) addressing the access control deficiency.

Information Disclosure Microsoft
NVD VulDB GitHub
EPSS 0% CVSS 6.1
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Microsoft Office Word enables local information disclosure when a user opens a malicious document, affecting Microsoft 365 Apps for Enterprise and Office LTSC for Mac 2021/2024. The vulnerability requires user interaction (document opening) but does not require elevated privileges, with a CVSS score of 6.1 reflecting moderate severity. Microsoft has released patches addressing this issue across affected product lines.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Windows Container Isolation FS Filter Driver affects all supported Windows 10, Windows 11, and Windows Server versions through use-after-free memory corruption. Low-complexity attack requires only low-privileged local access to achieve full system compromise (SYSTEM-level privileges). Microsoft has released patches for all affected versions. No public exploit identified at time of analysis, but the low attack complexity (AC:L) and requirement for only low privileges

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Denial of service in Windows HTTP.sys kernel-mode driver allows unauthenticated remote attackers to crash affected systems via malformed HTTP requests. Affects all currently supported Windows 11 versions (22H2 through 26H1) and Windows Server 2022/2025 editions. The vulnerability stems from an out-of-bounds read (CWE-125) triggered when HTTP.sys processes specially crafted network packets without authentication (CVSS AV:N/PR:N). Vendor-released patches available for all affected versions with specific build numbers identified. No public exploit identified at time of analysis, though low attack complexity (AC:L) suggests straightforward exploitation once technical details emerge.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Use-after-free memory corruption in Microsoft Office Word enables local code execution with high privileges when victims open malicious documents. Affects Microsoft 365 Apps for Enterprise and Office LTSC 2021/2024 for Windows and Mac (versions below 16.108.26041219 for Mac; click-to-run editions require latest security updates). CVSS 7.8 reflects local attack vector requiring user interaction, but exploitation grants complete system compromise (confidentiality, integrity, availability all rated High). No public exploit identified at time of analysis, though use-after-free vulnerabilities are well-understood exploitation primitives. Vendor-released patch available through Microsoft security updates.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Windows Server Update Service (WSUS) on Windows 11 version 26H1 allows low-privileged authenticated users to gain SYSTEM-level access via use-after-free memory corruption. Exploitation requires local access and high attack complexity (CVSS AC:H), indicating timing-dependent or race condition triggers. Microsoft has released patch version 10.0.28000.1836 to address this vulnerability. No public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Windows USB Print Driver allows local privilege escalation via physical device access. Affects Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025, with patch available from Microsoft. Attack requires physical USB access and no user interaction; no public exploit identified at time of analysis.

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Win32K ICOMP component via untrusted pointer dereference allows low-privileged authenticated users to achieve SYSTEM-level access on Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025. The vulnerability requires local access and low-privilege credentials (PR:L) but no user interaction, with confirmed patch availability from Microsoft. CVSS 7.8 reflects complete compromise of confidentiality, integrity, and availability. No public exploit identified at tim

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Graphics Component across Windows 11 24H2/25H2/26H1 and Server 2025 enables unauthenticated local attackers to execute arbitrary code with high integrity via heap-based buffer overflow exploitation. CVSS 8.4 (High) reflects low attack complexity and no user interaction requirement, though local access is necessary. EPSS data unavailable; no CISA KEV listing or public exploit identified at time of analysis, but the low complexity (AC:L) and no-auth requirement (PR:N) make this highly attractive for post-compromise escalation.

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH Exploit Unlikely This Month

Windows Virtualization-Based Security (VBS) Enclave in Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025 allows high-privileged local attackers to bypass security features through improper access control, resulting in integrity compromise without requiring user interaction. A vendor-released patch is available from Microsoft's security updates.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Double free vulnerability in Microsoft Brokering File System enables local privilege escalation on Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025. Low-privileged authenticated users can exploit memory corruption (CWE-415) to gain SYSTEM-level access with high attack complexity. Microsoft has released patches addressing builds prior to 10.0.26100.32690 (24H2/Server 2025), 10.0.26200.8246 (25H2), and 10.0.28000.1836 (26H1). EPSS score of 0.04% (11th percentile) and SSVC assessment of no active exploitation suggest low immediate threat despite 7.0 CVSS score, though CISA classifies technical impact as total (complete system compromise).

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that authenticated local users can read, enabling information disclosure on Windows 10 (versions 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2022, and Windows Server 2025. An attacker with local user privileges can access kernel log files to retrieve confidential data such as credentials, cryptographic material, or system secrets. Microsoft has released patches addressing this log injection vulnerability; no public exploit code or active exploitation has been confirmed.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that can be read by local authenticated users, allowing information disclosure on Windows 10 and Windows 11 systems across multiple versions as well as Windows Server 2012 through 2025. The vulnerability requires local access and valid user credentials (privilege level L) but results in high confidentiality impact. Microsoft has released patches for all affected versions.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Null pointer dereference in Windows Redirected Drive Buffering denies service to local authenticated users on Windows 11 version 26H1 (build 10.0.28000.0-10.0.28000.1835). An authorized attacker with local access can trigger the vulnerability to crash the affected system component, though code execution is not possible. Vendor-released patch available; no public exploit code identified at time of analysis.

Denial Of Service Null Pointer Dereference Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that authenticated local users can read, enabling information disclosure on Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2019, 2022, and 2025. An authorized local attacker with user-level privileges can access kernel log files to retrieve confidential data without elevated rights or user interaction. Microsoft has released patches addressing this CWE-532 insertion-of-sensitive-information vulnerability with specific build fixes across all affected editions.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM POC KEV PATCH THREAT Exploit Likely Act Now

Windows Shell protection mechanism failure (CVE-2026-32202) allows remote attackers to perform spoofing attacks over a network without authentication, requiring only user interaction. This low-severity vulnerability affects multiple Windows versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012 through 2025. While not actively exploited in the wild, vendor patches are available across all affected versions, and the low CVSS score (4.3) reflects limited confidentiality impact and no availability impact despite the network-accessible attack vector.

Authentication Bypass Microsoft
NVD VulDB GitHub Exploit-DB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Stack-based buffer overflow in the Windows Kernel enables low-privileged local attackers to escalate to SYSTEM privileges on Windows 11 version 26H1 (build 10.0.28000.0 through 10.0.28000.1835). Despite CVSS 7.0 (High), the attack complexity is high (AC:H) and requires local access with low-level privileges (PR:L). Vendor-released patch available via Microsoft Security Response Center (build 10.0.28000.1836). No public exploit identified at time of analysis, though CWE-121 stack overflows are well-understood vulnerability classes with established exploitation techniques.

Stack Overflow Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Azure Monitor Agent versions prior to 1.41.0 exploits insecure deserialization of untrusted data, allowing authenticated local attackers with low privileges to achieve full system compromise (high confidentiality, integrity, and availability impact). CVSS 7.8 severity reflects local attack vector with low complexity and no user interaction required. No public exploit identified at time of analysis, though the vulnerability class (CWE-502) is well-understood and frequently targeted. Microsoft has released patch version 1.41.0 to address this flaw.

Deserialization Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Microsoft Excel memory corruption via use-after-free enables arbitrary code execution when victims open malicious spreadsheet files. This vulnerability affects all major Office deployments including Microsoft 365 Apps for Enterprise, Excel 2016, Office 2019, and Office LTSC 2021/2024 for both Windows and macOS, as well as Office Online Server. Attackers require user interaction to open a crafted file, but no authentication is needed (CVSS PR:N), making this exploitable through phishing or file-sharing attacks. Vendor patches are available through Microsoft Security Response Center. No public exploit or active exploitation confirmed at time of analysis, though the straightforward attack vector (local file + user click) and high impact (code execution with full system privileges) warrant prompt patching.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH Exploit Unlikely This Week

Out-of-bounds read vulnerability (CWE-125) in Microsoft Excel allows local attackers to disclose sensitive memory contents and cause denial of service through maliciously crafted spreadsheet files with user interaction. Affects Microsoft Office 2016/2019, Office LTSC 2021/2024, Microsoft 365 Apps for Enterprise, and Office Online Server across Windows and macOS platforms. CVSS 7.1 reflects high confidentiality and availability impact with low attack complexity but requires local access and user interaction. No public exploit identified at time of analysis. Vendor-released patches available through Microsoft Security Response Center covering all affected Office product lines.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Deserialization of untrusted data in Microsoft HPC Pack 2019 enables authenticated local attackers to escalate privileges to SYSTEM level. Affects all versions below 6.3.8355. Vendor-released patch available via Microsoft Security Response Center. CVSS 7.8 reflects high impact (complete system compromise) with low attack complexity requiring only low-level authenticated access. No public exploit identified at time of analysis, though CWE-502 deserialization flaws are well-understood and commonly weaponized once technical details emerge.

Deserialization Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Command injection in Windows Snipping Tool allows local code execution when an unauthorized attacker convinces a user to open a specially crafted file. This vulnerability affects all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025), requiring user interaction but no authentication (PR:N). No public exploit identified at time of analysis, though the local attack vector and user interaction requirement limit immediate remote threat. CVSS 7.8 reflects high impact ac

Command Injection Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Improper privilege management in Microsoft Windows allows authenticated local attackers to deny service by exploiting a privilege escalation flaw affecting Windows 10 versions 21H2 and 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2022 and 2025. The vulnerability requires local access and valid credentials but does not permit code execution or data manipulation. CVSS 5.5 reflects moderate severity; CISA SSVC framework rates exploitation as none with partial technical impact, indicating this is not currently a priority threat despite patch availability.

Privilege Escalation Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Azure Monitor Agent versions prior to 1.35.9 enables authenticated users to gain elevated system privileges through improper input validation flaws. The vulnerability requires low attack complexity and no user interaction, allowing low-privileged attackers with local access to achieve complete system compromise (high confidentiality, integrity, and availability impact). EPSS data not available; no public exploit identified at time of analysis; SSVC framework indicates total technical impact but no active exploitation and non-automatable exploitation vector.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows User Interface Core across Windows 10, 11, and Server 2019-2025 allows low-privileged authenticated attackers to achieve SYSTEM-level access via use-after-free memory corruption. The vulnerability requires high attack complexity and local access but enables container escape (scope change) with full confidentiality, integrity, and availability impact. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the use-after-free primitive is a well-understood exploitation technique.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM PATCH Exploit Likely This Month

Windows Boot Loader accepts untrusted inputs for security decisions, allowing authorized local attackers to bypass security features with high confidentiality, integrity, and availability impact. This authentication bypass vulnerability (CVSS 6.7) affects Windows 10 versions 1607, 1809, 21H2, and 22H2, as well as Windows Server 2016, 2019, and 2022. Microsoft has released patches addressing the root cause of reliance on untrusted security-critical inputs.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Windows Push Notifications service affects Windows 10 (1809-22H2), Windows 11 (22H3-26H1), and Windows Server 2019-2025 via race condition in shared resource synchronization. Low-privileged authenticated users can exploit timing vulnerabilities in notification handling to elevate to SYSTEM-level privileges with high confidentiality, integrity, and availability impact (scope change to other security contexts). CVSS 7.8 (high complexity, local vector). Vendor-released

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Push Notifications service affects all supported Windows 10, 11, and Server versions through a race condition that allows low-privileged authenticated users to gain SYSTEM-level access. The vulnerability (CWE-362) stems from improper synchronization when multiple threads access shared resources in the notification subsystem. Attack complexity is high (AC:H), requiring precise timing to win the race, but successful exploitation grants complete system compromise wit

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Push Notifications service across Windows 10, 11, and Server versions (1809 through 26H1) allows low-privileged local attackers to gain SYSTEM-level access via race condition exploitation. The vulnerability stems from improper synchronization when multiple threads access shared resources in the notification framework, enabling scope escape from user context to elevated privileges. Vendor-released patches are available for all affected versions. No public exploit i

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.4
HIGH PATCH Exploit Unlikely This Week

Local code execution in Windows Universal Plug and Play (UPnP) Device Host across all supported Windows 10, 11, and Server versions allows unauthenticated attackers to achieve high-impact compromise via use-after-free memory corruption. The vulnerability affects Windows 10 versions 1607 through 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2012 through 2025 (including Server Core installations). Despite requiring local access and high attack complexity (CVSS:3.1/AV:L/AC:H), the

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Windows Speech Brokered API allows authenticated users with low privileges to gain SYSTEM-level access via race condition exploitation. Affects all supported Windows 10, Windows 11, and Windows Server versions (2016-2025). Microsoft released patches in May 2025 across 17 product variants. Despite CVSS 7.8 severity, EPSS score is low (0.04%, 12th percentile) indicating minimal observed exploitation activity. No active exploitation confirmed (not in CISA KEV) and no public exploit code identified at time of analysis.

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Speech Brokered API allows authenticated users to gain SYSTEM-level access via use-after-free memory corruption. All supported Windows 10, Windows 11, and Windows Server versions (2016-2025) are affected. Microsoft released patches in their April 2026 security update cycle. EPSS score of 0.04% (12th percentile) indicates low exploitation likelihood in the wild, and no active exploitation or public exploit code has been identified at time of analysis.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Remote Procedure Call (RPC) discloses sensitive information to local authenticated users in Windows 10, Windows 11, and Windows Server 2016-2025. An authorized attacker with local access and limited privileges can read confidential data without user interaction, affecting multiple Windows editions across a 9-year product span. Patch availability confirmed from Microsoft; no active exploitation reported.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows SSDP Service (all Windows 10, 11, and Server versions from 2012 onwards) enables low-privileged authenticated users to gain SYSTEM-level access by exploiting a race condition in shared resource handling. The vulnerability requires low privileges and high attack complexity (CVSS AC:H), resulting in complete compromise of confidentiality, integrity, and availability. Vendor-released patches are available for all affected versions with specific build numbers pr

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows SSDP Service across Windows 10, Windows 11, and Windows Server 2012-2025 allows authenticated users with low privileges to gain SYSTEM-level access by exploiting a race condition in shared resource handling. Attack complexity is high (AC:H), requiring precise timing to win the race window. Patch available per vendor advisory; no public exploit identified at time of analysis.

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows File Explorer information disclosure vulnerability in Windows 10 and Windows 11 allows authenticated local users to access sensitive information without authorization. The vulnerability affects multiple Windows 10 versions (1607, 1809, 21H2, 22H2), Windows 11 versions (22H3 through 26H1), and Windows Server 2016 through 2025. Microsoft has released patches addressing this CWE-200 information exposure flaw, with no evidence of active exploitation at the time of analysis.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Likely This Week

Local privilege escalation in Windows Universal Plug and Play (UPnP) Device Host allows authenticated attackers with low privileges to achieve system-level access through use-after-free memory corruption. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. Microsoft has released patches across all affected product lines. No public exploit identified at time of analysis, though the local attack vector and authentication requirement (PR:L) limit immedi

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation via use-after-free in Windows Ancillary Function Driver for WinSock (AFD.sys) affects all supported Windows versions from Windows 10 1607 through Windows 11 26H1 and Windows Server 2012-2025. Authenticated local attackers with low privileges can exploit memory corruption to gain SYSTEM-level access, though high attack complexity suggests reliable exploitation requires sophisticated techniques. Vendor-released patches are available across all affected versions. No publi

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Remote denial-of-service in Windows Local Security Authority Subsystem Service (LSASS) allows unauthenticated network attackers to crash Windows systems through null pointer dereference exploitation. Affects Windows 10 (versions 1607-22H2), Windows 11 (22H3-26H1), and Windows Server (2016-2025) across multiple release channels. Microsoft has released patches for all affected versions. No public exploit identified at time of analysis, but the low attack complexity (AC:L) and unauthenticated netwo

Denial Of Service Null Pointer Dereference Microsoft
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Windows GDI (Graphics Device Interface) allows local attackers to disclose sensitive information without authentication. The vulnerability affects Windows 10 versions 21H2 and 22H2, Windows 11 versions 22H3 through 26H1, and Windows Server 2022/2025, requiring user interaction to trigger. Microsoft has released patches for all affected versions, with specific build numbers provided for remediation.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Windows LUAFV driver privilege escalation via TOCTOU race condition allows authenticated local attackers with low privileges to gain SYSTEM-level access across all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025). The vulnerability requires high attack complexity to exploit the narrow timing window between security checks and file operations. Vendor-released patch available across all affected platforms. No public exploit identified at time of analysis, though th

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Windows Projected File System across Windows 10, 11, and Server versions allows authenticated local users to gain SYSTEM-level privileges by exploiting a race condition during concurrent file system operations. Affects all currently supported Windows versions from Server 2019 through Windows 11 26H1. Microsoft released patches in their latest security update cycle. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and minimal privil

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Cloud Files Mini Filter Driver (all Windows 10/11 and Server 2019/2022/2025 versions) allows low-privileged authenticated users to gain SYSTEM-level access through a race condition vulnerability. Attack requires high complexity timing manipulation of shared resources in the kernel-mode filter driver. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the authenticated local attack vector and detailed version-specific fix data suggest moderate real-world deployment risk in multi-user Windows environments.

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Likely This Week

Local privilege escalation in Windows TCP/IP stack across Windows 10, 11, and Server editions allows low-privileged authenticated users to gain SYSTEM-level access by exploiting a race condition in shared resource synchronization. This CWE-362 flaw affects every supported Windows version from legacy Server 2012 through cutting-edge Windows 11 26H1, with vendor-released patches available. The local attack vector (AV:L) and high complexity (AC:H) reduce immediate mass-exploitation risk, though the

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Universal Plug and Play (UPnP) Device Host affects all supported Windows versions from Server 2012 through Windows 11 26H1 and Server 2025. Authenticated local attackers with low privileges can exploit an untrusted pointer dereference (CWE-822) to achieve complete system compromise with high impact to confidentiality, integrity, and availability. Microsoft has released patches for all affected versions. No public exploit identified at time of analysis, thoug

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Windows Shell privilege escalation affects Windows 10 (1809+), Windows 11 (all versions through 26H1), and Windows Server 2019-2025 via a race condition vulnerability (CWE-362). Local authenticated attackers with low-privilege access can exploit concurrent execution flaws to gain SYSTEM-level privileges with low attack complexity and no user interaction required (CVSS 7.8). Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though t

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) across Windows 10, 11, and Server 2012 R2-2025 allows authenticated attackers with low privileges to gain SYSTEM-level access via use-after-free memory corruption. Microsoft released patches addressing versions from Windows 10 1607 through Windows 11 26H1 and Server 2012 R2 through Server 2025. CVSS 7.0 rating reflects high attack complexity; no public exploit identified at time of analysis. EPSS data not prov

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation via use-after-free memory corruption in Windows Universal Plug and Play (UPnP) Device Host affects all supported Windows versions from Server 2012 through Windows 11 26H1. Authenticated local attackers with low privileges can exploit this CWE-416 flaw to gain SYSTEM-level access with low attack complexity (CVSS:3.1 AV:L/AC:L/PR:L). Vendor-released patches are available across all affected Windows 10, Windows 11, and Windows Server product lines. No public exploit code

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Likely This Week

Use-after-free in Windows TDI Translation Driver (tdx.sys) allows local privilege escalation to SYSTEM by authenticated low-privileged users on Windows 10/11 and Server 2012-2025. Microsoft has released security updates addressing this CWE-416 memory corruption flaw across all supported Windows versions. CVSS 7.0 reflects high attack complexity but full system compromise if successfully exploited. No public exploit identified at time of analysis, though the vulnerability's local attack vector an

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Storage Spaces Controller across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025 allows low-privileged authenticated users to achieve SYSTEM-level access via an integer underflow vulnerability. The flaw enables complete compromise of confidentiality, integrity, and availability on affected systems. EPSS risk data not available; no public exploit identified at time of analysis. Vendor-released patches are available for all affected versions.

Information Disclosure Integer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 4.4
MEDIUM PATCH Exploit Likely This Month

Windows Hello biometric authentication can be bypassed by high-privileged local attackers through improper input validation, allowing unauthorized access to authentication mechanisms. This affects Windows 10 versions 21H2 and 22H2, and Windows 11 versions 22H3 through 26H1. The vulnerability requires administrative or SYSTEM-level privileges to exploit and does not enable remote exploitation, but represents a significant risk in multi-user or compromised-admin scenarios where biometric security is the primary defense mechanism.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Windows RPC API privilege escalation affects all supported Windows Server versions (2012 through 2025) due to improper access control (CWE-284). Low-privileged local attackers can achieve complete system compromise (high confidentiality, integrity, and availability impact) with low attack complexity and no user interaction required. Vendor-released patches are available across all affected Server Core and standard installations. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and clear attack path increase weaponization risk.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Brokering File System on Windows 11 and Windows Server 2022/2025 allows authenticated users with low privileges to gain SYSTEM-level access via use-after-free memory corruption. The vulnerability affects all actively supported Windows 11 versions (22H3 through 26H1) and recent Windows Server editions. Exploitation requires local access and low-level user privileges (PR:L) but has low attack complexity (AC:L), enabling reliable exploitation once local access is obtained. No public exploit identified at time of analysis, though the use-after-free weakness class is well-understood by attackers.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Heap-based buffer overflow in the Windows Kernel enables local privilege escalation to SYSTEM on Windows 10 (versions 1607 through 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server (2012 through 2025). Authenticated local attackers with low privileges can exploit this memory corruption vulnerability to gain complete system control. Microsoft has released patches addressing 21 affected product versions. No public exploit identified at time of analysis, though the local attack vec

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Kernel via double free vulnerability enables low-privileged authenticated users to gain SYSTEM-level access across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025. The vulnerability requires local access and low privileges (PR:L) but presents low attack complexity (AC:L) with no user interaction required. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the straightforward attack complexity and severe impact make this a priority for patching in enterprise environments.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 4.6
MEDIUM PATCH Exploit Unlikely This Month

Windows Boot Manager contains an uninitialized resource vulnerability (CWE-908) that allows unauthorized attackers to bypass security features through physical access to affected systems. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), and Windows Server 2016/2019/2022/2025. While the CVSS score of 4.6 reflects the physical attack vector requirement and information disclosure impact, the authentication bypass nature comb

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Windows Server Update Service (WSUS) race condition enables local privilege escalation to SYSTEM on Windows 10, 11, and Server 2012-2025. Authenticated users with low-level privileges can exploit improper synchronization in concurrent execution paths to gain full system control. Attack complexity is high (AC:H), requiring precise timing to win the race window. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the high CVSS 7.0 s

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Push Notifications across Windows 10/11 and Server 2016-2025 allows low-privileged authenticated users to gain SYSTEM-level access via race condition exploitation. The vulnerability affects all currently supported Windows versions with confirmed vendor patches available. Attack complexity is low with no user interaction required, enabling straightforward exploitation once local access is obtained. The scope change (S:C) indicates the attacker can impact reso

Information Disclosure Race Condition Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Shell via double-free memory corruption allows low-privileged authenticated users to gain SYSTEM-level access across Windows 11 (versions 22H3 through 26H1) and Windows Server 2022/2025 environments. The CWE-415 double-free vulnerability requires high attack complexity but no user interaction, enabling complete system compromise once exploited. Vendor-released patches are available with specific build numbers identified for each affected version. No public exploit identified at time of analysis, though the CVSS 7.0 score reflects significant impact potential when successfully exploited.

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Windows Shell use-after-free memory corruption enables local privilege escalation to SYSTEM on Windows 11 (all versions 22H3 through 26H1) and Windows Server 2022/2025. Authenticated low-privileged users can exploit freed memory references in Shell components despite high attack complexity requirements. Vendor-released patches address all affected versions. EPSS data not available; no public exploit identified at time of analysis, though the vulnerability class (CWE-416) is well-understood and commonly weaponized in Windows privilege escalation chains.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Type confusion in Windows OLE (Object Linking and Embedding) enables authenticated local attackers to escalate privileges across all supported Windows 10, 11, and Server versions (2012-2025). The memory corruption flaw allows low-privileged users to execute code with elevated permissions through incompatible type handling. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and lack of user interaction (UI:N) make this accessible to attackers with basic local access.

Information Disclosure Memory Corruption Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Sensor Data Service affects all supported Windows 10, Windows 11, and Windows Server versions through untrusted pointer dereference (CWE-822). Authenticated local attackers with low-privilege accounts can exploit this vulnerability with low complexity to gain SYSTEM-level privileges, achieving full compromise of confidentiality, integrity, and availability. Vendor-released patches are available across all affected product lines. No public exploit identified

Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Remote Desktop Licensing Service affects all supported Windows 10, Windows 11, and Windows Server versions (2012-2025) via missing authentication on a critical function. Authenticated local attackers with low privileges can exploit this CWE-306 authentication bypass to gain SYSTEM-level access with high impact to confidentiality, integrity, and availability (CVSS 7.8). Patch available per vendor; no public exploit identified at time of analysis. The wide foo

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH Exploit Unlikely This Month

Microsoft Local Security Authority Subsystem Service (LSASS) information disclosure vulnerability allows authenticated network attackers to read sensitive memory contents via a bounds check bypass in the LSASS process. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2016, 2019, 2022, and 2025. No public exploit code or active exploitation has been reported; vendor-released patches are available across all affected versions.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Windows Server Update Service (WSUS) fails to properly validate network inputs, allowing unauthenticated remote attackers to cause denial of service across all Windows Server versions from 2012 through 2025. The vulnerability (CVSS 7.5) enables network-based tampering with high availability impact (AV:N/AC:L/PR:N/UI:N/A:H), though confidentiality and integrity remain unaffected. Patch available per vendor advisory; no public exploit identified at time of analysis. The Authentication Bypass tag and PR:N vector confirm attackers require no credentials, making internet-exposed WSUS servers particularly vulnerable.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH Exploit Likely This Week

Windows Remote Desktop spoofing vulnerability allows remote unauthenticated attackers to bypass security warnings and trick users into accepting malicious RDP connections, potentially exposing sensitive session data. Affects all supported Windows 10, 11, and Server versions from 2012 through 2025. Vendor-released patches are available. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and network attack vector (AV:N) indicate exploitation would be straight

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Exploit Unlikely Act Now

Escape sequence injection in Microsoft Power Apps versions prior to 3.26032.10.0 allows authenticated attackers with low privileges to bypass security controls and achieve remote code execution with high confidentiality, integrity, and availability impact across security boundaries. The vulnerability requires user interaction and affects Power Apps 1710 (build 9.2.23071.136 and earlier). EPSS score of 0.08% (23rd percentile) suggests low probability of mass exploitation despite critical CVSS 9.0 rating. Vendor patch available via Microsoft Security Response Center advisory.

Authentication Bypass Microsoft
NVD VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH Exploit Unlikely This Month

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows authorized local attackers to bypass security features, affecting Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2016-2025. With a CVSS score of 5.7 and high privilege requirement (PR:H), the vulnerability requires administrative or high-privilege account access but presents significant confidentiality and integrity risk to isolated security domai

Authentication Bypass Microsoft
NVD VulDB
Prev Page 19 of 193 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy