Skip to main content

Microsoft

17290 CVEs vendor

Monthly

CVE-2026-33067 Go CRITICAL PATCH Act Now

SiYuan's Bazaar marketplace fails to sanitize package metadata (displayName, description) before rendering in the Electron desktop application, allowing stored XSS that escalates to arbitrary remote code execution. Any SiYuan user (versions ≤3.5.9) who browses the Bazaar will automatically execute attacker-controlled code with full OS-level privileges when a malicious package card renders-no installation or user interaction required. A functional proof-of-concept exists demonstrating command execution via img onerror handlers, and this vulnerability is actively tracked in GitHub's advisory database (GHSA-mvpm-v6q4-m2pf), making it a critical supply-chain risk to the SiYuan user community.

Command Injection Apple Microsoft XSS RCE +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.4%
CVE-2026-33066 Go CRITICAL PATCH Act Now

SiYuan's Bazaar (community package marketplace) fails to sanitize HTML in package README files during rendering, allowing stored XSS that escalates to remote code execution due to unsafe Electron configuration. An attacker can submit a malicious package with embedded JavaScript in the README that executes with full Node.js access when any user views the package details in the Bazaar. This affects SiYuan versions 3.5.9 and earlier across Windows, macOS, and Linux, with a CVSS score of 9.6 and multiple real-world exploitation vectors including data theft, reverse shells, and persistent backdoors.

Apple Microsoft XSS RCE Information Disclosure +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.5%
CVE-2026-2559 MEDIUM PATCH This Month

The Post SMTP WordPress plugin for versions up to 3.8.0 contains an authorization bypass vulnerability in the Office 365 OAuth redirect handler that allows authenticated subscribers and above to overwrite sensitive SMTP configuration without proper capability checks or nonce validation. An attacker with subscriber-level access can craft a malicious URL to inject attacker-controlled Azure app credentials into the site's Microsoft 365 configuration, potentially causing administrators to unknowingly connect to the attacker's account during Pro wizard setup. This vulnerability has a CVSS score of 5.3 and is classified as CWE-862 (Missing Authorization), with active evidence of the vulnerable code path present in the plugin repository.

WordPress Microsoft Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22168 npm MEDIUM PATCH This Month

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in the system.run function that allows authenticated operators to execute arbitrary commands on Windows systems by appending malicious arguments after cmd.exe /c while the approval audit log records only the benign command text. An authenticated attacker with operator privileges can exploit this to achieve local command execution on trusted Windows nodes with mismatched or incomplete audit trails, enabling information disclosure and lateral movement while evading detection.

Information Disclosure Microsoft Openclaw Windows
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-58112 Monitor

This vulnerability enables arbitrary SQL command execution in Microsoft Dynamics 365 Customer Engagement (on-premises) version 1612 through malicious Report Definition Language (RDL) files uploaded to SQL Server Reporting Services. An attacker with the 'Add Reporting Services Reports' privilege can upload a crafted RDL file containing raw SQL queries; if the file is already loaded and executable by the user, this privilege is not required. Upon report generation, arbitrary SQL commands execute in the underlying database, potentially allowing data exfiltration, linked server access, or operating system command execution depending on SQL Server service account permissions. A proof-of-concept has been documented in public repositories, indicating active research and potential exploitation risk.

Information Disclosure Microsoft
NVD GitHub VulDB
EPSS
0.0%
CVE-2026-3856 MEDIUM PATCH This Month

CVE-2026-3856 is a security vulnerability (CVSS 5.3) that allows an attacker. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Microsoft IBM Information Disclosure Db2 Recovery Expert Windows
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33039 PHP HIGH PATCH This Week

A Server-Side Request Forgery (SSRF) vulnerability in AVideo's LiveLinks proxy endpoint allows unauthenticated attackers to access internal services and cloud metadata by exploiting missing validation on HTTP redirect targets. The vulnerability enables attackers to bypass initial URL validation through a malicious redirect, potentially exposing AWS/GCP/Azure instance metadata including IAM credentials. A detailed proof-of-concept is available and a patch has been released by the vendor.

PHP SSRF Google Microsoft Mozilla +1
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-2809 MEDIUM PATCH This Month

Netskope's Endpoint DLP Module for Windows is vulnerable to an integer overflow in its DLL Injector that can be triggered by a high-privileged local user to crash the system. When the Endpoint DLP module is enabled, successful exploitation results in a Blue Screen of Death and denial of service on the affected machine. No patch is currently available for this medium-severity vulnerability.

Buffer Overflow Microsoft Endpoint Dlp Module For Netskope Client Windows
NVD VulDB
CVSS 4.0
6.7
EPSS
0.0%
CVE-2025-15584 MEDIUM PATCH This Month

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems.

Buffer Overflow Microsoft Endpoint Dlp Module For Netskope Client Windows
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-32812 PHP MEDIUM PATCH This Month

An unauthenticated Server-Side Request Forgery (SSRF) and Local File Read vulnerability exists in the Admidio SSO metadata fetch endpoint, which accepts arbitrary URLs via GET parameter and passes them directly to file_get_contents() after validating only with PHP's FILTER_VALIDATE_URL-a format checker that does not block dangerous URI schemes. An authenticated administrator can exploit this to read arbitrary local files (including database credentials from config.php), probe internal network services, or fetch cloud instance metadata (such as AWS IAM credentials from 169.254.169.254). A proof-of-concept demonstrating all attack vectors has been published; CVSS 6.8 reflects high confidentiality impact but is mitigated by the requirement for administrator privileges.

CSRF Elastic PHP Microsoft SSRF +1
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-32268 PHP HIGH PATCH This Week

The DefaultController->actionLoadContainerData() endpoint in the Microsoft plugin permits unauthenticated attackers possessing a valid CSRF token to enumerate accessible storage buckets and extract sensitive data from Azure error messages. This authorization bypass affects users running unpatched versions prior to 2.1.1, exposing cloud storage infrastructure details and potentially sensitive system information through verbose error responses.

Information Disclosure Authentication Bypass Microsoft CSRF
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-2274 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.This issue affects Web Security through 8.5.6.

XSS Microsoft
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-4255 HIGH PATCH This Week

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME allows local attackers to execute arbitrary code with administrative privileges through DLL side-loading. The vulnerability affects versions up to 2.0.5 and occurs because the application loads DLLs using Windows' default search order without verifying integrity or signatures, allowing malicious DLLs placed in writable directories to be loaded when the application runs. No active exploitation has been reported (not in KEV), no public POC is available, and EPSS data is not yet available for this CVE.

RCE Microsoft
NVD VulDB
CVSS 4.0
8.4
EPSS
0.0%
CVE-2017-20218 HIGH POC This Week

Serviio PRO 1.8 and earlier versions contain an unquoted service path vulnerability combined with insecure directory permissions that allows local authenticated users to escalate privileges to SYSTEM level. A public exploit is available, making this vulnerability easily exploitable by any authenticated user on the system. With a CVSS score of 7.8 and multiple proof-of-concept exploits published, this represents a significant risk for organizations running affected versions.

Privilege Escalation RCE Microsoft
NVD Exploit-DB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-0385 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) for Android contains a spoofing vulnerability that allows attackers to manipulate the presentation of content or identity through a network-based attack requiring user interaction. The vulnerability affects Microsoft Edge on Android devices and has a CVSS score of 5.0, indicating moderate severity with low impact on confidentiality, integrity, and availability. While the CVSS vector indicates User Interaction is Required and Attack Complexity is High, the vulnerability is not currently listed as actively exploited in known vulnerability databases, though the Reliability Rating of Confirmed suggests vendor verification.

Microsoft Google Authentication Bypass
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-31944 HIGH This Week

LibreChat versions 0.8.2 through 0.8.2-rc3 contain an authentication bypass vulnerability in the Model Context Protocol (MCP) OAuth callback endpoint that allows attackers to steal OAuth tokens by tricking victims into completing an OAuth flow, resulting in account takeover of the victim's MCP-linked services like Atlassian and Outlook. No active exploitation is known (not in KEV), no POC is publicly available, and EPSS data is not yet available for this newly disclosed vulnerability.

Atlassian Authentication Bypass Microsoft AI / ML Librechat
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-2673 MEDIUM POC PATCH CISA This Month

OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.

OpenSSL Information Disclosure Microsoft
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
Threat
4.8
CVE-2026-23943 MEDIUM PATCH This Month

A remote code execution vulnerability (CVSS 6.9) that allows denial of service. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Microsoft Denial Of Service SSH
NVD VulDB GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-3497 MEDIUM PATCH This Month

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself.

SSH Information Disclosure Microsoft Ubuntu Linux Openssh +2
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-21672 HIGH This Week

Local privilege escalation in Veeam Backup & Replication on Windows enables authenticated users to gain system-level access without user interaction. An attacker with local account credentials can exploit this vulnerability to achieve complete control over the backup infrastructure, including reading, modifying, or deleting backups. No patch is currently available for this high-severity issue affecting backup administrators and organizations relying on Veeam for data protection.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-31979 HIGH PATCH This Week

Local privilege escalation in Himmelblau prior to versions 3.1.0 and 2.3.8 allows authenticated local users to exploit insecure Kerberos cache file handling in the root-running himmelblaud-tasks daemon through symlink attacks. The vulnerability stems from the removal of PrivateTmp protections, exposing /tmp operations to symlink-based file overwrite and ownership manipulation attacks. An attacker with local access can leverage this flaw to achieve arbitrary file modification and full system compromise.

Privilege Escalation Microsoft Himmelblau Suse
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2019-25485 MEDIUM POC This Month

R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. [CVSS 6.2 MEDIUM]

Buffer Overflow Memory Corruption Microsoft
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2019-25476 MEDIUM POC This Month

Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. [CVSS 6.2 MEDIUM]

Buffer Overflow Denial Of Service Memory Corruption Microsoft
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-31813 MEDIUM This Month

Supabase Auth allows remote attackers to hijack user sessions by crafting fraudulent ID tokens when Apple or Azure OAuth providers are configured, enabling unauthorized access to victim accounts without requiring user interaction. An attacker can forge a valid JWT token for any target email address and exchange it at the token endpoint to obtain legitimate session credentials, effectively impersonating arbitrary users. This affects organizations using Supabase with Apple or Azure authentication enabled, with no patch currently available to remediate the vulnerability.

Microsoft Authentication Bypass Apple
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-68623 HIGH This Week

In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. [CVSS 8.8 HIGH]

Microsoft Privilege Escalation
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-30903 CRITICAL Act Now

File path control in Zoom Workplace for Windows Mail feature before 6.6.0.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-30902 HIGH This Week

Zoom Client for Windows contains a privilege escalation vulnerability that allows authenticated local users to gain elevated system privileges through improper access controls. An attacker with valid credentials can exploit this weakness to execute arbitrary code or access sensitive system resources without administrative approval. No patch is currently available for this issue.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-30901 HIGH This Week

Improper Input Validation in Zoom Room versions up to 6.6.5 is affected by improper input validation (CVSS 7.0).

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-30900 HIGH This Week

Zoom's Windows client fails to properly validate minimum version requirements during updates, enabling authenticated local users to escalate their privileges on affected systems. An attacker with local access and valid credentials could exploit this validation bypass to gain elevated permissions. No patch is currently available for this vulnerability.

Privilege Escalation Microsoft
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66413 HIGH This Week

Git for Windows versions prior to 2.53.0(2) leak NTLM credential hashes when users clone from malicious servers, enabling password cracking attacks. The vulnerability requires user interaction (cloning from attacker-controlled repository) but needs no authentication from the attacker. EPSS score of 0.03% suggests low probability of mass exploitation, and no evidence of active exploitation or public POC exists at time of analysis. However, the simplicity of the attack (social engineering a git clone operation) and the high confidentiality impact (user credential theft) make this a priority for Windows-based development environments.

Microsoft Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-26123 MEDIUM PATCH This Month

Microsoft Authenticator contains an information disclosure vulnerability that allows local attackers to access sensitive data without requiring elevated privileges or user interaction beyond standard operation. The vulnerability stems from improper categorization of security controls, enabling unauthorized disclosure of confidential information on affected systems. No patch is currently available for this issue.

Microsoft Information Disclosure Authenticator
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-3315 MEDIUM This Month

Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33.

Microsoft Privilege Escalation
NVD VulDB
CVSS 4.0
5.8
EPSS
0.0%
CVE-2026-26148 HIGH PATCH This Week

Local privilege escalation in Azure Entra ID SSH Login Extension for Linux stems from improper initialization of trusted variables, enabling unauthenticated attackers on affected systems to gain elevated privileges. This high-severity vulnerability (CVSS 8.1) requires local access but can compromise system confidentiality, integrity, and availability across trust boundaries. No patch is currently available.

Authentication Bypass Microsoft Azure Ad Ssh Login Extension For Linux
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-26144 HIGH PATCH This Week

Information disclosure in Microsoft 365 Apps Excel allows unauthenticated remote attackers to extract sensitive data through stored cross-site scripting attacks in generated web content. The vulnerability requires no user interaction and affects all Excel users who process untrusted documents. No patch is currently available, leaving users dependent on mitigation strategies until Microsoft releases a fix.

Microsoft XSS 365 Apps
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-26141 HIGH PATCH This Week

Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Authentication Bypass Microsoft Azure Automation Hybrid Worker Windows Extension
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26134 HIGH PATCH This Week

Microsoft Office is vulnerable to an integer overflow that allows authenticated local users to escalate their privileges and gain full system control. An attacker with valid credentials can exploit this numeric calculation flaw to execute arbitrary code with elevated permissions. No patch is currently available for this vulnerability.

Microsoft Integer Overflow Buffer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26132 HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Memory Corruption Denial Of Service Windows
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26128 HIGH PATCH This Week

Windows SMB Server's authentication mechanism can be bypassed by local authenticated users to gain elevated privileges on affected systems. This high-severity vulnerability (CVSS 7.8) impacts confidentiality, integrity, and availability, though no patch is currently available. Organizations should implement compensating controls and monitor for exploitation attempts targeting this authentication weakness.

Microsoft Authentication Bypass
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26121 HIGH PATCH This Week

Azure IoT Explorer is vulnerable to server-side request forgery that enables unauthenticated network-based attackers to perform spoofing attacks and access sensitive information. The vulnerability requires no user interaction and can be exploited remotely with low attack complexity, affecting the confidentiality of exposed data. No patch is currently available.

SSRF Microsoft Azure Iot Explorer
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-26118 LIB HIGH PATCH This Week

Authenticated users can exploit a server-side request forgery vulnerability in Azure MCP Server to escalate their privileges across the network, potentially gaining unauthorized access to sensitive resources. The vulnerability affects Microsoft Azure environments and requires only low attack complexity with no user interaction, making it a significant risk for organizations using this service. No patch is currently available, leaving affected systems exposed to exploitation.

SSRF Microsoft Azure Mcp Server
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-26117 HIGH PATCH This Week

Privilege escalation in Microsoft Azure Connected Machine Agent on Windows allows local authenticated users to bypass authentication mechanisms and gain elevated system privileges. An attacker with existing local access can exploit alternate authentication paths to escalate their permissions without user interaction. No patch is currently available for this vulnerability affecting Arc Enabled Servers.

Authentication Bypass Microsoft Arc Enabled Servers Azure Connected Machine Agent Windows
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26114 HIGH PATCH This Week

Remote code execution in Microsoft SharePoint Server through unsafe deserialization of untrusted data allows authenticated attackers to execute arbitrary code with high privileges over the network. The vulnerability requires valid user credentials but no user interaction, making it exploitable by any authorized account. No patch is currently available, leaving affected systems vulnerable until Microsoft releases a fix.

Microsoft Deserialization Sharepoint Server
NVD VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-26113 HIGH PATCH This Week

Unsafe pointer dereference in Microsoft Office, SharePoint Server, and 365 Apps enables local code execution with high privileges on affected systems. An attacker with local access can exploit this memory safety flaw to achieve complete system compromise including data theft and modification. No patch is currently available, leaving users vulnerable until Microsoft releases a security update.

Microsoft Authentication Bypass Sharepoint Server Office Office Long Term Servicing Channel +1
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-26112 HIGH PATCH This Week

Microsoft Excel and Office products are vulnerable to local code execution through unsafe pointer dereferencing, requiring user interaction to trigger. An attacker with local access can exploit this flaw to achieve arbitrary code execution with full system privileges. No patch is currently available, leaving users of affected Office versions at risk.

Microsoft Authentication Bypass Office Online Server Excel Office +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26111 HIGH POC PATCH This Week

Remote code execution in Windows RRAS across Server 2016, 2022, and 2025 via an integer overflow vulnerability allows authenticated attackers to execute arbitrary code over the network with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available. Authenticated users with network access can trigger the vulnerability through a simple interaction to gain complete system compromise.

Buffer Overflow Heap Overflow Microsoft Windows Server 2022 Windows Server 2016 +4
NVD VulDB GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-26110 HIGH PATCH This Week

Local code execution in Microsoft Office and 365 Apps stems from a type confusion vulnerability in memory handling that allows unauthenticated attackers to execute arbitrary code with system privileges. The vulnerability affects Office Long Term Servicing Channel deployments and requires only local access with no user interaction to trigger. No patch is currently available, making this a critical risk for organizations running affected Office versions.

Microsoft Authentication Bypass Memory Corruption
NVD VulDB
CVSS 3.1
8.4
EPSS
0.1%
CVE-2026-26109 HIGH PATCH This Week

Arbitrary code execution in Microsoft Office Excel and related products (Office Online Server, 365 Apps) via out-of-bounds memory read allows local attackers to achieve complete system compromise without requiring user interaction or elevated privileges. This high-severity vulnerability affects multiple Microsoft Office components and currently lacks a security patch. An attacker with local access can exploit memory corruption to execute malicious code with full system permissions.

Microsoft Information Disclosure Buffer Overflow Office Online Server 365 Apps +3
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-26108 HIGH PATCH This Week

Heap buffer overflow in Microsoft Office Excel enables local code execution with high integrity and confidentiality impact affecting Office, Office Online Server, and 365 Apps. An attacker with user interaction can achieve arbitrary code execution in the context of the affected application. No patch is currently available for this vulnerability.

Microsoft Buffer Overflow Heap Overflow Office Office Online Server +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26107 HIGH PATCH This Week

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Microsoft Use After Free Denial Of Service Memory Corruption Office Long Term Servicing Channel +4
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-26106 HIGH PATCH This Week

Remote code execution in Microsoft SharePoint Server allows authenticated users to bypass input validation and execute arbitrary code across the network. This high-severity vulnerability (CVSS 8.8) affects authorized attackers who can leverage improper validation controls to achieve full system compromise. No patch is currently available, making immediate mitigation and access controls critical for affected organizations.

Microsoft Information Disclosure Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-26105 HIGH PATCH This Week

Microsoft SharePoint Server contains a reflected cross-site scripting vulnerability that allows remote attackers to execute arbitrary scripts in users' browsers through malicious links, enabling spoofing attacks and credential theft. The vulnerability requires user interaction to trigger and affects all SharePoint deployments with no available patch. With a CVSS score of 8.1, this poses a significant risk to organizations relying on SharePoint for collaboration.

Microsoft XSS Sharepoint Server
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-25190 HIGH PATCH This Week

Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Authentication Bypass Microsoft Windows Server 2022 23h2 Windows Server 2022 Windows 11 26h1 +12
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-25189 HIGH PATCH This Week

Privilege escalation in Windows DWM Core Library affects Windows 10 versions 21H2 and 1809 through a use-after-free memory corruption vulnerability that allows authenticated local attackers to gain system-level privileges. The vulnerability requires local access and valid user credentials but no user interaction, creating a significant risk for multi-user systems. No patch is currently available.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 21h2 +5
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25188 HIGH PATCH This Week

Privilege escalation in Windows Telephony Service through heap buffer overflow affects Windows 10 1607, Windows 11 25h2, and Windows Server 2012, allowing adjacent network attackers to gain elevated system access without authentication. The vulnerability has a high CVSS score of 8.8 but currently lacks a patch, creating significant risk for exposed systems. Exploitation requires network proximity but no user interaction.

Buffer Overflow Heap Overflow Microsoft Windows 10 1607 Windows 11 25h2 +13
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-25186 MEDIUM PATCH This Month

Unauthorized disclosure of sensitive information in Windows Accessibility Infrastructure (ATBroker.exe) affects Windows Server 2019, 2025, Windows 10 22h2, and Windows 11 25h2, allowing local authenticated attackers to read confidential data. The vulnerability requires user privileges and local access but poses no risk to system integrity or availability. No patch is currently available for this issue.

Information Disclosure Microsoft Windows Server 2019 Windows 10 22h2 Windows Server 2025 +12
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-25185 MEDIUM PATCH This Month

Windows Shell Link Processing leaks sensitive information over the network in Windows Server 2012, 2019, and 2022, enabling remote spoofing attacks without authentication or user interaction. An unauthenticated attacker can exploit this information disclosure to conduct spoofing attacks against affected systems. No patch is currently available.

Information Disclosure Microsoft Windows Server 2022 23h2 Windows Server 2012 Windows Server 2022 +12
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-25181 HIGH PATCH This Week

Information disclosure in Windows GDI+ affects Windows 11 (24h2, 25h2) and Windows Server 2012/2016, allowing unauthenticated attackers to read sensitive data remotely through an out-of-bounds memory access vulnerability. The flaw requires no user interaction and can be exploited over the network to compromise confidentiality without modifying system data or availability. No patch is currently available for this high-severity vulnerability.

Information Disclosure Buffer Overflow Microsoft Windows 11 24h2 Windows Server 2012 +13
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25180 MEDIUM PATCH This Month

Microsoft Graphics Component contains an out-of-bounds read vulnerability affecting Windows 10 1607, Windows Server 2019, and 2022, enabling local attackers to read sensitive information from memory. The vulnerability requires user interaction and local access, posing a confidentiality risk without offering a currently available patch. Attack complexity is low, making it a practical concern for systems running affected Office and Windows versions.

Microsoft Information Disclosure Buffer Overflow
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25179 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows Server 2025, 2022, and Windows 10 1809 contains insufficient input validation that allows authenticated local users to escalate privileges. An attacker with local access and valid credentials can exploit this vulnerability to gain elevated system permissions, though no patch is currently available. This HIGH severity vulnerability affects multiple Windows Server and client versions with no active exploit mitigation path.

Information Disclosure Microsoft Windows Server 2025 Windows Server 2022 Windows Server 2022 23h2 +12
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25178 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock (AFD) in Windows 11 versions 24h2 and 26h1 contains a use-after-free vulnerability (CWE-416) that allows authenticated local attackers to escalate privileges through memory corruption. An attacker with local access could exploit this flaw to gain elevated system permissions, though no official patch is currently available.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 11 26h1 +14
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25177 HIGH PATCH This Week

Privilege escalation in Windows Active Directory Domain Services (AD DS) across Windows 11, Windows 10, and Windows Server platforms allows authenticated network attackers to gain elevated privileges by exploiting improper validation of resource naming restrictions. An attacker with valid domain credentials can leverage this vulnerability to escalate their access level without user interaction. Currently, no patch is available, leaving all affected Windows versions vulnerable.

Information Disclosure Windows 11 23h2 Windows 11 26h1 Windows Server 2025 Windows 10 22h2 +11
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-25176 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows 10 (all versions) and Windows 11 contains an access control weakness that enables authenticated local attackers to escalate privileges to system level. An attacker with standard user credentials can exploit this flaw to gain elevated rights on affected systems. No patch is currently available for this vulnerability.

Authentication Bypass Microsoft Windows 10 22h2 Windows 10 1607 Windows Server 2019 +12
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25175 HIGH PATCH This Week

Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Information Disclosure Buffer Overflow Microsoft Windows Server 2019 Windows 10 1607 +9
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25174 HIGH PATCH This Week

Windows Extensible File Allocation (exFAT) contains an out-of-bounds read vulnerability affecting Windows Server 2022, Windows 10 1607, and Windows 11 versions 23h2/25h2, enabling authenticated local users to escalate privileges with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user-level privileges to exploit, with no patch currently available. This flaw carries a CVSS score of 7.8 and affects multiple supported Windows versions across server and client platforms.

Information Disclosure Buffer Overflow Microsoft Windows Server 2022 Windows 10 1607 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25173 HIGH POC PATCH This Week

Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow vulnerability exploitable by authenticated network attackers. Public exploit code exists for this vulnerability, enabling authenticated users to execute arbitrary code with high integrity and confidentiality impact. No patch is currently available, making this a critical exposure for affected Windows environments.

Microsoft Buffer Overflow Heap Overflow Windows Server 2022 23h2 Windows 10 1607 +13
NVD VulDB GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-25172 HIGH POC PATCH This Week

Remote code execution in Windows Routing and Remote Access Service (RRAS) across Windows Server 2012, 2022, and 2022 23h2 stems from an integer overflow vulnerability that authenticated network attackers can exploit with user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available.

Microsoft Buffer Overflow Heap Overflow Windows Server 2022 Windows Server 2012 +5
NVD VulDB GitHub
CVSS 3.1
8.0
EPSS
0.1%
CVE-2026-25171 HIGH PATCH This Week

Privilege escalation in Windows Authentication Methods (Windows 10 22H2, Windows 11 26H1) stems from a use-after-free memory vulnerability that allows authenticated local attackers to gain elevated system privileges. The flaw requires low user privileges and manual interaction but provides complete system compromise through code execution. No patch is currently available for this high-severity vulnerability.

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 22h2 +14
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25170 HIGH PATCH This Week

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service Memory Corruption Windows 11 23h2 +7
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-25169 MEDIUM PATCH This Month

A division by zero flaw in the Microsoft Graphics Component on Windows 10 and Windows 11 systems enables local attackers to trigger a denial of service condition without requiring special privileges or user interaction. The vulnerability affects multiple Windows versions including Windows 10 1607, 22h2 and Windows 11 25h2, 26h1, with no patch currently available.

Microsoft Authentication Bypass Windows 10 1607 Windows 11 25h2 Windows 11 26h1 +11
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-25168 MEDIUM PATCH This Month

Microsoft Graphics Component on Windows 10 21H2, Windows Server 2016, and Windows 11 25H2 is vulnerable to a null pointer dereference that enables local denial of service attacks. An attacker with local access can trigger the vulnerability without requiring elevated privileges or user interaction to crash the graphics component and render the system unavailable. No patch is currently available for this medium-severity vulnerability.

Microsoft Null Pointer Dereference Denial Of Service Windows 10 21h2 Windows Server 2016 +12
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-25167 HIGH PATCH This Week

Privilege escalation in Microsoft's Brokering File System on Windows 11 (24h2 and 25h2) stems from a use-after-free vulnerability that allows local attackers to gain elevated system privileges. An attacker with local access can exploit memory corruption to execute arbitrary code with higher privileges, potentially compromising system integrity. No patch is currently available for this vulnerability.

Microsoft Use After Free Denial Of Service Memory Corruption Windows 11 24h2 +3
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-25166 HIGH PATCH This Week

Local code execution in Windows System Image Manager (Windows 11 23h2, Windows Server 2019/2022) through unsafe deserialization of untrusted data. An authenticated local attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. No patch is currently available.

Deserialization Microsoft Windows 11 23h2 Windows Server 2019 Windows Server 2022 23h2 +10
NVD VulDB
CVSS 3.1
7.8
EPSS
0.6%
CVE-2026-25165 HIGH PATCH This Week

Privilege escalation in Windows Performance Counters via null pointer dereference affects Windows Server 2019 and Windows 11 systems, enabling authenticated local attackers to gain elevated privileges. The vulnerability impacts systems where users have standard account access, allowing them to escalate to higher privilege levels on affected machines. No patch is currently available.

Null Pointer Dereference Microsoft Denial Of Service Windows Server 2019 Windows 11 26h1 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24297 MEDIUM PATCH This Month

Windows Kerberos authentication in Server 2012 and Windows 10 (versions 1607, 1809) contains a race condition that enables unauthenticated remote attackers to circumvent security feature protections. The synchronization flaw in concurrent resource access allows attackers to bypass intended security controls without user interaction over the network. No patch is currently available for this vulnerability.

Race Condition Microsoft Authentication Bypass Windows Server 2012 Windows 10 1607 +6
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24296 HIGH PATCH This Week

Privilege escalation in Windows Device Association Service (Windows 10 versions 1607, 1809, and 21H2) stems from improper synchronization of shared resources, enabling local authenticated users to gain elevated system privileges. The vulnerability requires high attack complexity and no user interaction, making it exploitable by insiders or compromised local accounts. No patch is currently available.

Race Condition Microsoft Information Disclosure Windows Server 2022 23h2 Windows Server 2019 +13
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-24295 HIGH PATCH This Week

Privilege escalation in Windows Device Association Service across Windows 10, 11, and Server 2022 stems from improper synchronization of shared resources, enabling local authenticated users to gain elevated system privileges. The vulnerability requires local access and specific timing conditions but poses high risk due to its impact on confidentiality, integrity, and availability. No patch is currently available.

Race Condition Microsoft Information Disclosure Windows Server 2022 23h2 Windows 11 24h2 +12
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-24294 HIGH PATCH This Week

Windows SMB Server authentication bypass across multiple versions (Windows 10 1607, Windows 11 23h2, Windows Server 2012/2025) permits authenticated local users to escalate privileges with high impact to confidentiality, integrity, and availability. The vulnerability stems from improper authentication validation in the SMB service, allowing a local attacker to gain system-level access without user interaction. No patch is currently available, leaving affected systems vulnerable to privilege escalation attacks from any authenticated user.

Microsoft Authentication Bypass Windows 10 1607 Windows 10 1809 Windows 10 21h2 +11
NVD VulDB GitHub
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24293 HIGH PATCH This Week

Privilege escalation in Windows Ancillary Function Driver for WinSock affects Windows 11 24H2, Windows Server 2022, and Windows Server 2025, allowing authenticated local attackers to gain system-level access through null pointer dereference. The vulnerability requires valid user credentials and local access but no user interaction to exploit. No patch is currently available.

Null Pointer Dereference Microsoft Denial Of Service Windows Server 2022 Windows 11 24h2 +7
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24292 HIGH PATCH This Week

Privilege escalation in Windows Connected Devices Platform Service (Cdpsvc) exploits a use-after-free memory vulnerability, affecting Windows 10 22h2 and Windows 11 (25h2, 26h1). An authenticated local attacker can leverage this flaw to gain system-level privileges on vulnerable systems. No patch is currently available for this high-severity vulnerability.

Use After Free Denial Of Service Memory Corruption Windows 10 22h2 Windows 11 25h2 +10
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24291 HIGH PATCH This Week

Privilege escalation in Windows Accessibility Infrastructure (ATBroker.exe) across Windows 10, Windows 11, and Windows Server 2022 stems from improper permission assignments on a critical resource. A local authenticated attacker can exploit this misconfiguration to gain elevated privileges without user interaction. No patch is currently available for this vulnerability.

Information Disclosure Microsoft Windows Server 2022 Windows 11 25h2 Windows 11 23h2 +12
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24290 HIGH PATCH This Week

Windows Projected File System in Windows 11 and Server 2022 contains improper access control that enables authenticated local users to escalate privileges to system level. An attacker with valid credentials can exploit this vulnerability to gain elevated permissions without user interaction. Currently, no patch is available to address this issue.

Microsoft Authentication Bypass Windows 11 24h2 Windows Server 2022 23h2 Windows 11 26h1 +9
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24289 HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Denial Of Service Memory Corruption Windows 10 22h2 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24288 MEDIUM PATCH This Month

Arbitrary code execution in Windows 10 (versions 21H2 and 22H2) via heap buffer overflow in Mobile Broadband functionality requires physical access to a target device. An attacker with direct hardware access can trigger memory corruption to achieve kernel-level code execution with full system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Heap Overflow Microsoft Windows 10 22h2 Windows 10 21h2 +1
NVD VulDB
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-24287 HIGH PATCH This Week

Windows Kernel path traversal vulnerability in Server 2025, Server 2022, Windows 11 24h2, and Windows 10 22h2 enables authenticated local attackers to achieve full system compromise through privilege escalation. The flaw allows an authorized user to manipulate file name or path parameters, bypassing access controls and gaining kernel-level privileges. No patch is currently available.

Information Disclosure Microsoft Windows Server 2025 Windows 11 24h2 Windows Server 2022 23h2 +9
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-24285 HIGH PATCH This Week

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service Memory Corruption
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-24283 HIGH PATCH This Week

Privilege escalation in Windows 11 (24h2, 26h1) and Windows Server 2022 (23h2) via heap overflow allows authenticated local users to gain system-level access. The vulnerability requires valid credentials but no user interaction, making it a direct path to complete system compromise. No patch is currently available.

Buffer Overflow Heap Overflow Microsoft Windows 11 24h2 Windows 11 26h1 +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-24282 MEDIUM PATCH This Month

Windows Push Message Routing Service contains an out-of-bounds read vulnerability that enables authenticated local users to access sensitive information on affected systems running Windows 10 and Windows 11. The vulnerability requires valid credentials to exploit and poses a confidentiality risk, though no patch is currently available. This affects multiple Windows versions including 21H2, 22H2, and 23H2 releases.

Buffer Overflow Information Disclosure Windows 10 21h2 Windows 10 1607 Windows 11 25h2 +6
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23674 HIGH PATCH This Week

Windows MapUrlToZone security bypass in Windows 11 24H2, Windows 10 21H2, and Windows Server 2016/2025 allows unauthenticated remote attackers to circumvent zone-based security restrictions through improper path equivalence resolution. An attacker can exploit this network-accessible vulnerability without user interaction to bypass intended access controls. No patch is currently available for this high-severity vulnerability.

Microsoft Authentication Bypass Windows 11 24h2 Windows 10 21h2 Windows Server 2025 +12
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-23673 HIGH PATCH This Week

Windows ReFS contains an out-of-bounds read vulnerability affecting Server 2019, 2022, 2025, and Windows 11 26h1 that enables authenticated local users to escalate privileges with high impact to confidentiality, integrity, and availability. The vulnerability requires low attack complexity and no user interaction, making it exploitable by any authenticated user on the system. No patch is currently available for this HIGH severity issue.

Information Disclosure Microsoft Buffer Overflow Windows Server 2019 Windows Server 2025 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-23672 HIGH PATCH This Week

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability [CVSS 7.8 HIGH]

Information Disclosure Buffer Overflow Microsoft Windows 11 25h2 Windows Server 2019 +13
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

SiYuan's Bazaar marketplace fails to sanitize package metadata (displayName, description) before rendering in the Electron desktop application, allowing stored XSS that escalates to arbitrary remote code execution. Any SiYuan user (versions ≤3.5.9) who browses the Bazaar will automatically execute attacker-controlled code with full OS-level privileges when a malicious package card renders-no installation or user interaction required. A functional proof-of-concept exists demonstrating command execution via img onerror handlers, and this vulnerability is actively tracked in GitHub's advisory database (GHSA-mvpm-v6q4-m2pf), making it a critical supply-chain risk to the SiYuan user community.

Command Injection Apple Microsoft +6
NVD GitHub VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

SiYuan's Bazaar (community package marketplace) fails to sanitize HTML in package README files during rendering, allowing stored XSS that escalates to remote code execution due to unsafe Electron configuration. An attacker can submit a malicious package with embedded JavaScript in the README that executes with full Node.js access when any user views the package details in the Bazaar. This affects SiYuan versions 3.5.9 and earlier across Windows, macOS, and Linux, with a CVSS score of 9.6 and multiple real-world exploitation vectors including data theft, reverse shells, and persistent backdoors.

Apple Microsoft XSS +6
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

The Post SMTP WordPress plugin for versions up to 3.8.0 contains an authorization bypass vulnerability in the Office 365 OAuth redirect handler that allows authenticated subscribers and above to overwrite sensitive SMTP configuration without proper capability checks or nonce validation. An attacker with subscriber-level access can craft a malicious URL to inject attacker-controlled Azure app credentials into the site's Microsoft 365 configuration, potentially causing administrators to unknowingly connect to the attacker's account during Pro wizard setup. This vulnerability has a CVSS score of 5.3 and is classified as CWE-862 (Missing Authorization), with active evidence of the vulnerable code path present in the plugin repository.

WordPress Microsoft Authentication Bypass
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

OpenClaw versions prior to 2026.2.21 contain an approval-integrity mismatch vulnerability in the system.run function that allows authenticated operators to execute arbitrary commands on Windows systems by appending malicious arguments after cmd.exe /c while the approval audit log records only the benign command text. An authenticated attacker with operator privileges can exploit this to achieve local command execution on trusted Windows nodes with mismatched or incomplete audit trails, enabling information disclosure and lateral movement while evading detection.

Information Disclosure Microsoft Openclaw +1
NVD GitHub VulDB
EPSS 0%
Monitor

This vulnerability enables arbitrary SQL command execution in Microsoft Dynamics 365 Customer Engagement (on-premises) version 1612 through malicious Report Definition Language (RDL) files uploaded to SQL Server Reporting Services. An attacker with the 'Add Reporting Services Reports' privilege can upload a crafted RDL file containing raw SQL queries; if the file is already loaded and executable by the user, this privilege is not required. Upon report generation, arbitrary SQL commands execute in the underlying database, potentially allowing data exfiltration, linked server access, or operating system command execution depending on SQL Server service account permissions. A proof-of-concept has been documented in public repositories, indicating active research and potential exploitation risk.

Information Disclosure Microsoft
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

CVE-2026-3856 is a security vulnerability (CVSS 5.3) that allows an attacker. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Microsoft IBM Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 8.6
HIGH PATCH This Week

A Server-Side Request Forgery (SSRF) vulnerability in AVideo's LiveLinks proxy endpoint allows unauthenticated attackers to access internal services and cloud metadata by exploiting missing validation on HTTP redirect targets. The vulnerability enables attackers to bypass initial URL validation through a malicious redirect, potentially exposing AWS/GCP/Azure instance metadata including IAM credentials. A detailed proof-of-concept is available and a patch has been released by the vendor.

PHP SSRF Google +3
NVD GitHub VulDB
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Netskope's Endpoint DLP Module for Windows is vulnerable to an integer overflow in its DLL Injector that can be triggered by a high-privileged local user to crash the system. When the Endpoint DLP module is enabled, successful exploitation results in a Blue Screen of Death and denial of service on the affected machine. No patch is currently available for this medium-severity vulnerability.

Buffer Overflow Microsoft Endpoint Dlp Module For Netskope Client +1
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems.

Buffer Overflow Microsoft Endpoint Dlp Module For Netskope Client +1
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

An unauthenticated Server-Side Request Forgery (SSRF) and Local File Read vulnerability exists in the Admidio SSO metadata fetch endpoint, which accepts arbitrary URLs via GET parameter and passes them directly to file_get_contents() after validating only with PHP's FILTER_VALIDATE_URL-a format checker that does not block dangerous URI schemes. An authenticated administrator can exploit this to read arbitrary local files (including database credentials from config.php), probe internal network services, or fetch cloud instance metadata (such as AWS IAM credentials from 169.254.169.254). A proof-of-concept demonstrating all attack vectors has been published; CVSS 6.8 reflects high confidentiality impact but is mitigated by the requirement for administrator privileges.

CSRF Elastic PHP +3
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

The DefaultController->actionLoadContainerData() endpoint in the Microsoft plugin permits unauthenticated attackers possessing a valid CSRF token to enumerate accessible storage buckets and extract sensitive data from Azure error messages. This authorization bypass affects users running unpatched versions prior to 2.1.1, exposing cloud storage infrastructure details and potentially sensitive system information through verbose error responses.

Information Disclosure Authentication Bypass Microsoft +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.This issue affects Web Security through 8.5.6.

XSS Microsoft
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME allows local attackers to execute arbitrary code with administrative privileges through DLL side-loading. The vulnerability affects versions up to 2.0.5 and occurs because the application loads DLLs using Windows' default search order without verifying integrity or signatures, allowing malicious DLLs placed in writable directories to be loaded when the application runs. No active exploitation has been reported (not in KEV), no public POC is available, and EPSS data is not yet available for this CVE.

RCE Microsoft
NVD VulDB
EPSS 0% CVSS 8.5
HIGH POC This Week

Serviio PRO 1.8 and earlier versions contain an unquoted service path vulnerability combined with insecure directory permissions that allows local authenticated users to escalate privileges to SYSTEM level. A public exploit is available, making this vulnerability easily exploitable by any authenticated user on the system. With a CVSS score of 7.8 and multiple proof-of-concept exploits published, this represents a significant risk for organizations running affected versions.

Privilege Escalation RCE Microsoft
NVD Exploit-DB
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) for Android contains a spoofing vulnerability that allows attackers to manipulate the presentation of content or identity through a network-based attack requiring user interaction. The vulnerability affects Microsoft Edge on Android devices and has a CVSS score of 5.0, indicating moderate severity with low impact on confidentiality, integrity, and availability. While the CVSS vector indicates User Interaction is Required and Attack Complexity is High, the vulnerability is not currently listed as actively exploited in known vulnerability databases, though the Reliability Rating of Confirmed suggests vendor verification.

Microsoft Google Authentication Bypass
NVD VulDB
EPSS 0% CVSS 7.6
HIGH This Week

LibreChat versions 0.8.2 through 0.8.2-rc3 contain an authentication bypass vulnerability in the Model Context Protocol (MCP) OAuth callback endpoint that allows attackers to steal OAuth tokens by tricking victims into completing an OAuth flow, resulting in account takeover of the victim's MCP-linked services like Atlassian and Outlook. No active exploitation is known (not in KEV), no POC is publicly available, and EPSS data is not yet available for this newly disclosed vulnerability.

Atlassian Authentication Bypass Microsoft +2
NVD GitHub VulDB
EPSS 0% 4.8 CVSS 6.5
MEDIUM POC PATCH This Month

OpenSSL and Microsoft products using the 'DEFAULT' keyword in TLS 1.3 key exchange group configurations may negotiate weaker cryptographic groups than intended, allowing network-based attackers to potentially downgrade the security of encrypted connections without authentication or user interaction. This affects servers that combine default group lists with custom configurations, particularly impacting hybrid post-quantum key exchange implementations where clients defer group selection. A patch is available to remediate this high-severity confidentiality risk.

OpenSSL Information Disclosure Microsoft
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

A remote code execution vulnerability (CVSS 6.9) that allows denial of service. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Microsoft Denial Of Service SSH
NVD VulDB GitHub
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself.

SSH Information Disclosure Microsoft +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Local privilege escalation in Veeam Backup & Replication on Windows enables authenticated users to gain system-level access without user interaction. An attacker with local account credentials can exploit this vulnerability to achieve complete control over the backup infrastructure, including reading, modifying, or deleting backups. No patch is currently available for this high-severity issue affecting backup administrators and organizations relying on Veeam for data protection.

Privilege Escalation Microsoft
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Local privilege escalation in Himmelblau prior to versions 3.1.0 and 2.3.8 allows authenticated local users to exploit insecure Kerberos cache file handling in the root-running himmelblaud-tasks daemon through symlink attacks. The vulnerability stems from the removal of PrivateTmp protections, exposing /tmp operations to symlink-based file overwrite and ownership manipulation attacks. An attacker with local access can leverage this flaw to achieve arbitrary file modification and full system compromise.

Privilege Escalation Microsoft Himmelblau +1
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. [CVSS 6.2 MEDIUM]

Buffer Overflow Memory Corruption Microsoft
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. [CVSS 6.2 MEDIUM]

Buffer Overflow Denial Of Service Memory Corruption +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

Supabase Auth allows remote attackers to hijack user sessions by crafting fraudulent ID tokens when Apple or Azure OAuth providers are configured, enabling unauthorized access to victim accounts without requiring user interaction. An attacker can forge a valid JWT token for any target email address and exchange it at the token endpoint to obtain legitimate session credentials, effectively impersonating arbitrary users. This affects organizations using Supabase with Apple or Azure authentication enabled, with no patch currently available to remediate the vulnerability.

Microsoft Authentication Bypass Apple
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

In Microsoft DirectX End-User Runtime Web Installer 9.29.1974.0, a low-privilege user can replace an executable file during the installation process, which may result in unintended elevation of privileges. [CVSS 8.8 HIGH]

Microsoft Privilege Escalation
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL Act Now

File path control in Zoom Workplace for Windows Mail feature before 6.6.0.

Privilege Escalation Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Zoom Client for Windows contains a privilege escalation vulnerability that allows authenticated local users to gain elevated system privileges through improper access controls. An attacker with valid credentials can exploit this weakness to execute arbitrary code or access sensitive system resources without administrative approval. No patch is currently available for this issue.

Privilege Escalation Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH This Week

Improper Input Validation in Zoom Room versions up to 6.6.5 is affected by improper input validation (CVSS 7.0).

Privilege Escalation Microsoft
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Zoom's Windows client fails to properly validate minimum version requirements during updates, enabling authenticated local users to escalate their privileges on affected systems. An attacker with local access and valid credentials could exploit this validation bypass to gain elevated permissions. No patch is currently available for this vulnerability.

Privilege Escalation Microsoft
NVD VulDB
EPSS 0% CVSS 7.4
HIGH This Week

Git for Windows versions prior to 2.53.0(2) leak NTLM credential hashes when users clone from malicious servers, enabling password cracking attacks. The vulnerability requires user interaction (cloning from attacker-controlled repository) but needs no authentication from the attacker. EPSS score of 0.03% suggests low probability of mass exploitation, and no evidence of active exploitation or public POC exists at time of analysis. However, the simplicity of the attack (social engineering a git clone operation) and the high confidentiality impact (user credential theft) make this a priority for Windows-based development environments.

Microsoft Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Authenticator contains an information disclosure vulnerability that allows local attackers to access sensitive data without requiring elevated privileges or user interaction beyond standard operation. The vulnerability stems from improper categorization of security controls, enabling unauthorized disclosure of confidential information on affected systems. No patch is currently available for this issue.

Microsoft Information Disclosure Authenticator
NVD VulDB
EPSS 0% CVSS 5.8
MEDIUM This Month

Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33.

Microsoft Privilege Escalation
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Local privilege escalation in Azure Entra ID SSH Login Extension for Linux stems from improper initialization of trusted variables, enabling unauthenticated attackers on affected systems to gain elevated privileges. This high-severity vulnerability (CVSS 8.1) requires local access but can compromise system confidentiality, integrity, and availability across trust boundaries. No patch is currently available.

Authentication Bypass Microsoft Azure Ad Ssh Login Extension For Linux
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information disclosure in Microsoft 365 Apps Excel allows unauthenticated remote attackers to extract sensitive data through stored cross-site scripting attacks in generated web content. The vulnerability requires no user interaction and affects all Excel users who process untrusted documents. No patch is currently available, leaving users dependent on mitigation strategies until Microsoft releases a fix.

Microsoft XSS 365 Apps
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Authentication Bypass Microsoft Azure Automation Hybrid Worker Windows Extension
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft Office is vulnerable to an integer overflow that allows authenticated local users to escalate their privileges and gain full system control. An attacker with valid credentials can exploit this numeric calculation flaw to execute arbitrary code with elevated permissions. No patch is currently available for this vulnerability.

Microsoft Integer Overflow Buffer Overflow
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows SMB Server's authentication mechanism can be bypassed by local authenticated users to gain elevated privileges on affected systems. This high-severity vulnerability (CVSS 7.8) impacts confidentiality, integrity, and availability, though no patch is currently available. Organizations should implement compensating controls and monitor for exploitation attempts targeting this authentication weakness.

Microsoft Authentication Bypass
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Azure IoT Explorer is vulnerable to server-side request forgery that enables unauthenticated network-based attackers to perform spoofing attacks and access sensitive information. The vulnerability requires no user interaction and can be exploited remotely with low attack complexity, affecting the confidentiality of exposed data. No patch is currently available.

SSRF Microsoft Azure Iot Explorer
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Authenticated users can exploit a server-side request forgery vulnerability in Azure MCP Server to escalate their privileges across the network, potentially gaining unauthorized access to sensitive resources. The vulnerability affects Microsoft Azure environments and requires only low attack complexity with no user interaction, making it a significant risk for organizations using this service. No patch is currently available, leaving affected systems exposed to exploitation.

SSRF Microsoft Azure Mcp Server
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Microsoft Azure Connected Machine Agent on Windows allows local authenticated users to bypass authentication mechanisms and gain elevated system privileges. An attacker with existing local access can exploit alternate authentication paths to escalate their permissions without user interaction. No patch is currently available for this vulnerability affecting Arc Enabled Servers.

Authentication Bypass Microsoft Arc Enabled Servers Azure Connected Machine Agent +1
NVD VulDB
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Microsoft SharePoint Server through unsafe deserialization of untrusted data allows authenticated attackers to execute arbitrary code with high privileges over the network. The vulnerability requires valid user credentials but no user interaction, making it exploitable by any authorized account. No patch is currently available, leaving affected systems vulnerable until Microsoft releases a fix.

Microsoft Deserialization Sharepoint Server
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Unsafe pointer dereference in Microsoft Office, SharePoint Server, and 365 Apps enables local code execution with high privileges on affected systems. An attacker with local access can exploit this memory safety flaw to achieve complete system compromise including data theft and modification. No patch is currently available, leaving users vulnerable until Microsoft releases a security update.

Microsoft Authentication Bypass Sharepoint Server +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Microsoft Excel and Office products are vulnerable to local code execution through unsafe pointer dereferencing, requiring user interaction to trigger. An attacker with local access can exploit this flaw to achieve arbitrary code execution with full system privileges. No patch is currently available, leaving users of affected Office versions at risk.

Microsoft Authentication Bypass Office Online Server +4
NVD VulDB
EPSS 0% CVSS 8.0
HIGH POC PATCH This Week

Remote code execution in Windows RRAS across Server 2016, 2022, and 2025 via an integer overflow vulnerability allows authenticated attackers to execute arbitrary code over the network with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available. Authenticated users with network access can trigger the vulnerability through a simple interaction to gain complete system compromise.

Buffer Overflow Heap Overflow Microsoft +6
NVD VulDB GitHub
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Local code execution in Microsoft Office and 365 Apps stems from a type confusion vulnerability in memory handling that allows unauthenticated attackers to execute arbitrary code with system privileges. The vulnerability affects Office Long Term Servicing Channel deployments and requires only local access with no user interaction to trigger. No patch is currently available, making this a critical risk for organizations running affected Office versions.

Microsoft Authentication Bypass Memory Corruption
NVD VulDB
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Arbitrary code execution in Microsoft Office Excel and related products (Office Online Server, 365 Apps) via out-of-bounds memory read allows local attackers to achieve complete system compromise without requiring user interaction or elevated privileges. This high-severity vulnerability affects multiple Microsoft Office components and currently lacks a security patch. An attacker with local access can exploit memory corruption to execute malicious code with full system permissions.

Microsoft Information Disclosure Buffer Overflow +5
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap buffer overflow in Microsoft Office Excel enables local code execution with high integrity and confidentiality impact affecting Office, Office Online Server, and 365 Apps. An attacker with user interaction can achieve arbitrary code execution in the context of the affected application. No patch is currently available for this vulnerability.

Microsoft Buffer Overflow Heap Overflow +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Microsoft Use After Free Denial Of Service +6
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Microsoft SharePoint Server allows authenticated users to bypass input validation and execute arbitrary code across the network. This high-severity vulnerability (CVSS 8.8) affects authorized attackers who can leverage improper validation controls to achieve full system compromise. No patch is currently available, making immediate mitigation and access controls critical for affected organizations.

Microsoft Information Disclosure Sharepoint Server
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Microsoft SharePoint Server contains a reflected cross-site scripting vulnerability that allows remote attackers to execute arbitrary scripts in users' browsers through malicious links, enabling spoofing attacks and credential theft. The vulnerability requires user interaction to trigger and affects all SharePoint deployments with no available patch. With a CVSS score of 8.1, this poses a significant risk to organizations relying on SharePoint for collaboration.

Microsoft XSS Sharepoint Server
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Authentication Bypass Microsoft Windows Server 2022 23h2 +14
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows DWM Core Library affects Windows 10 versions 21H2 and 1809 through a use-after-free memory corruption vulnerability that allows authenticated local attackers to gain system-level privileges. The vulnerability requires local access and valid user credentials but no user interaction, creating a significant risk for multi-user systems. No patch is currently available.

Use After Free Microsoft Denial Of Service +7
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Windows Telephony Service through heap buffer overflow affects Windows 10 1607, Windows 11 25h2, and Windows Server 2012, allowing adjacent network attackers to gain elevated system access without authentication. The vulnerability has a high CVSS score of 8.8 but currently lacks a patch, creating significant risk for exposed systems. Exploitation requires network proximity but no user interaction.

Buffer Overflow Heap Overflow Microsoft +15
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Unauthorized disclosure of sensitive information in Windows Accessibility Infrastructure (ATBroker.exe) affects Windows Server 2019, 2025, Windows 10 22h2, and Windows 11 25h2, allowing local authenticated attackers to read confidential data. The vulnerability requires user privileges and local access but poses no risk to system integrity or availability. No patch is currently available for this issue.

Information Disclosure Microsoft Windows Server 2019 +14
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Windows Shell Link Processing leaks sensitive information over the network in Windows Server 2012, 2019, and 2022, enabling remote spoofing attacks without authentication or user interaction. An unauthenticated attacker can exploit this information disclosure to conduct spoofing attacks against affected systems. No patch is currently available.

Information Disclosure Microsoft Windows Server 2022 23h2 +14
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Information disclosure in Windows GDI+ affects Windows 11 (24h2, 25h2) and Windows Server 2012/2016, allowing unauthenticated attackers to read sensitive data remotely through an out-of-bounds memory access vulnerability. The flaw requires no user interaction and can be exploited over the network to compromise confidentiality without modifying system data or availability. No patch is currently available for this high-severity vulnerability.

Information Disclosure Buffer Overflow Microsoft +15
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Microsoft Graphics Component contains an out-of-bounds read vulnerability affecting Windows 10 1607, Windows Server 2019, and 2022, enabling local attackers to read sensitive information from memory. The vulnerability requires user interaction and local access, posing a confidentiality risk without offering a currently available patch. Attack complexity is low, making it a practical concern for systems running affected Office and Windows versions.

Microsoft Information Disclosure Buffer Overflow
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows Server 2025, 2022, and Windows 10 1809 contains insufficient input validation that allows authenticated local users to escalate privileges. An attacker with local access and valid credentials can exploit this vulnerability to gain elevated system permissions, though no patch is currently available. This HIGH severity vulnerability affects multiple Windows Server and client versions with no active exploit mitigation path.

Information Disclosure Microsoft Windows Server 2025 +14
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock (AFD) in Windows 11 versions 24h2 and 26h1 contains a use-after-free vulnerability (CWE-416) that allows authenticated local attackers to escalate privileges through memory corruption. An attacker with local access could exploit this flaw to gain elevated system permissions, though no official patch is currently available.

Use After Free Microsoft Denial Of Service +16
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Windows Active Directory Domain Services (AD DS) across Windows 11, Windows 10, and Windows Server platforms allows authenticated network attackers to gain elevated privileges by exploiting improper validation of resource naming restrictions. An attacker with valid domain credentials can leverage this vulnerability to escalate their access level without user interaction. Currently, no patch is available, leaving all affected Windows versions vulnerable.

Information Disclosure Windows 11 23h2 Windows 11 26h1 +13
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows 10 (all versions) and Windows 11 contains an access control weakness that enables authenticated local attackers to escalate privileges to system level. An attacker with standard user credentials can exploit this flaw to gain elevated rights on affected systems. No patch is currently available for this vulnerability.

Authentication Bypass Microsoft Windows 10 22h2 +14
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Information Disclosure Buffer Overflow Microsoft +11
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Extensible File Allocation (exFAT) contains an out-of-bounds read vulnerability affecting Windows Server 2022, Windows 10 1607, and Windows 11 versions 23h2/25h2, enabling authenticated local users to escalate privileges with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user-level privileges to exploit, with no patch currently available. This flaw carries a CVSS score of 7.8 and affects multiple supported Windows versions across server and client platforms.

Information Disclosure Buffer Overflow Microsoft +15
NVD VulDB
EPSS 0% CVSS 8.0
HIGH POC PATCH This Week

Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow vulnerability exploitable by authenticated network attackers. Public exploit code exists for this vulnerability, enabling authenticated users to execute arbitrary code with high integrity and confidentiality impact. No patch is currently available, making this a critical exposure for affected Windows environments.

Microsoft Buffer Overflow Heap Overflow +15
NVD VulDB GitHub
EPSS 0% CVSS 8.0
HIGH POC PATCH This Week

Remote code execution in Windows Routing and Remote Access Service (RRAS) across Windows Server 2012, 2022, and 2022 23h2 stems from an integer overflow vulnerability that authenticated network attackers can exploit with user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available.

Microsoft Buffer Overflow Heap Overflow +7
NVD VulDB GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Privilege escalation in Windows Authentication Methods (Windows 10 22H2, Windows 11 26H1) stems from a use-after-free memory vulnerability that allows authenticated local attackers to gain elevated system privileges. The flaw requires low user privileges and manual interaction but provides complete system compromise through code execution. No patch is currently available for this high-severity vulnerability.

Use After Free Microsoft Denial Of Service +16
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service +9
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A division by zero flaw in the Microsoft Graphics Component on Windows 10 and Windows 11 systems enables local attackers to trigger a denial of service condition without requiring special privileges or user interaction. The vulnerability affects multiple Windows versions including Windows 10 1607, 22h2 and Windows 11 25h2, 26h1, with no patch currently available.

Microsoft Authentication Bypass Windows 10 1607 +13
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Microsoft Graphics Component on Windows 10 21H2, Windows Server 2016, and Windows 11 25H2 is vulnerable to a null pointer dereference that enables local denial of service attacks. An attacker with local access can trigger the vulnerability without requiring elevated privileges or user interaction to crash the graphics component and render the system unavailable. No patch is currently available for this medium-severity vulnerability.

Microsoft Null Pointer Dereference Denial Of Service +14
NVD VulDB
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Privilege escalation in Microsoft's Brokering File System on Windows 11 (24h2 and 25h2) stems from a use-after-free vulnerability that allows local attackers to gain elevated system privileges. An attacker with local access can exploit memory corruption to execute arbitrary code with higher privileges, potentially compromising system integrity. No patch is currently available for this vulnerability.

Microsoft Use After Free Denial Of Service +5
NVD VulDB
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Local code execution in Windows System Image Manager (Windows 11 23h2, Windows Server 2019/2022) through unsafe deserialization of untrusted data. An authenticated local attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. No patch is currently available.

Deserialization Microsoft Windows 11 23h2 +12
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Performance Counters via null pointer dereference affects Windows Server 2019 and Windows 11 systems, enabling authenticated local attackers to gain elevated privileges. The vulnerability impacts systems where users have standard account access, allowing them to escalate to higher privilege levels on affected machines. No patch is currently available.

Null Pointer Dereference Microsoft Denial Of Service +15
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Windows Kerberos authentication in Server 2012 and Windows 10 (versions 1607, 1809) contains a race condition that enables unauthenticated remote attackers to circumvent security feature protections. The synchronization flaw in concurrent resource access allows attackers to bypass intended security controls without user interaction over the network. No patch is currently available for this vulnerability.

Race Condition Microsoft Authentication Bypass +8
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Privilege escalation in Windows Device Association Service (Windows 10 versions 1607, 1809, and 21H2) stems from improper synchronization of shared resources, enabling local authenticated users to gain elevated system privileges. The vulnerability requires high attack complexity and no user interaction, making it exploitable by insiders or compromised local accounts. No patch is currently available.

Race Condition Microsoft Information Disclosure +15
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Privilege escalation in Windows Device Association Service across Windows 10, 11, and Server 2022 stems from improper synchronization of shared resources, enabling local authenticated users to gain elevated system privileges. The vulnerability requires local access and specific timing conditions but poses high risk due to its impact on confidentiality, integrity, and availability. No patch is currently available.

Race Condition Microsoft Information Disclosure +14
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows SMB Server authentication bypass across multiple versions (Windows 10 1607, Windows 11 23h2, Windows Server 2012/2025) permits authenticated local users to escalate privileges with high impact to confidentiality, integrity, and availability. The vulnerability stems from improper authentication validation in the SMB service, allowing a local attacker to gain system-level access without user interaction. No patch is currently available, leaving affected systems vulnerable to privilege escalation attacks from any authenticated user.

Microsoft Authentication Bypass Windows 10 1607 +13
NVD VulDB GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Ancillary Function Driver for WinSock affects Windows 11 24H2, Windows Server 2022, and Windows Server 2025, allowing authenticated local attackers to gain system-level access through null pointer dereference. The vulnerability requires valid user credentials and local access but no user interaction to exploit. No patch is currently available.

Null Pointer Dereference Microsoft Denial Of Service +9
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Connected Devices Platform Service (Cdpsvc) exploits a use-after-free memory vulnerability, affecting Windows 10 22h2 and Windows 11 (25h2, 26h1). An authenticated local attacker can leverage this flaw to gain system-level privileges on vulnerable systems. No patch is currently available for this high-severity vulnerability.

Use After Free Denial Of Service Memory Corruption +12
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Accessibility Infrastructure (ATBroker.exe) across Windows 10, Windows 11, and Windows Server 2022 stems from improper permission assignments on a critical resource. A local authenticated attacker can exploit this misconfiguration to gain elevated privileges without user interaction. No patch is currently available for this vulnerability.

Information Disclosure Microsoft Windows Server 2022 +14
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Projected File System in Windows 11 and Server 2022 contains improper access control that enables authenticated local users to escalate privileges to system level. An attacker with valid credentials can exploit this vulnerability to gain elevated permissions without user interaction. Currently, no patch is available to address this issue.

Microsoft Authentication Bypass Windows 11 24h2 +11
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Microsoft Denial Of Service +15
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Arbitrary code execution in Windows 10 (versions 21H2 and 22H2) via heap buffer overflow in Mobile Broadband functionality requires physical access to a target device. An attacker with direct hardware access can trigger memory corruption to achieve kernel-level code execution with full system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Heap Overflow Microsoft +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel path traversal vulnerability in Server 2025, Server 2022, Windows 11 24h2, and Windows 10 22h2 enables authenticated local attackers to achieve full system compromise through privilege escalation. The flaw allows an authorized user to manipulate file name or path parameters, bypassing access controls and gaining kernel-level privileges. No patch is currently available.

Information Disclosure Microsoft Windows Server 2025 +11
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]

Use After Free Microsoft Denial Of Service +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation in Windows 11 (24h2, 26h1) and Windows Server 2022 (23h2) via heap overflow allows authenticated local users to gain system-level access. The vulnerability requires valid credentials but no user interaction, making it a direct path to complete system compromise. No patch is currently available.

Buffer Overflow Heap Overflow Microsoft +6
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Push Message Routing Service contains an out-of-bounds read vulnerability that enables authenticated local users to access sensitive information on affected systems running Windows 10 and Windows 11. The vulnerability requires valid credentials to exploit and poses a confidentiality risk, though no patch is currently available. This affects multiple Windows versions including 21H2, 22H2, and 23H2 releases.

Buffer Overflow Information Disclosure Windows 10 21h2 +8
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Windows MapUrlToZone security bypass in Windows 11 24H2, Windows 10 21H2, and Windows Server 2016/2025 allows unauthenticated remote attackers to circumvent zone-based security restrictions through improper path equivalence resolution. An attacker can exploit this network-accessible vulnerability without user interaction to bypass intended access controls. No patch is currently available for this high-severity vulnerability.

Microsoft Authentication Bypass Windows 11 24h2 +14
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows ReFS contains an out-of-bounds read vulnerability affecting Server 2019, 2022, 2025, and Windows 11 26h1 that enables authenticated local users to escalate privileges with high impact to confidentiality, integrity, and availability. The vulnerability requires low attack complexity and no user interaction, making it exploitable by any authenticated user on the system. No patch is currently available for this HIGH severity issue.

Information Disclosure Microsoft Buffer Overflow +15
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability [CVSS 7.8 HIGH]

Information Disclosure Buffer Overflow Microsoft +15
NVD VulDB
Prev Page 22 of 193 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy