Skip to main content

Windows

1584 CVEs product

Monthly

CVE-2026-30793 CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

CSRF Privilege Escalation Authentication Bypass Google Apple +4
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-30785 HIGH This Week

RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.

Information Disclosure Microsoft Apple Windows macOS
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-3598 HIGH This Week

RustDesk Server Pro through version 1.7.5 uses weak cryptographic algorithms in configuration string generation and web console export functions, enabling attackers to extract sensitive embedded data from exported configurations. This vulnerability affects Windows, macOS, and Linux deployments and requires no authentication or user interaction to exploit. No patch is currently available.

Information Disclosure Apple Microsoft Windows macOS
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-30791 HIGH This Week

RustDesk Client through version 1.4.5 uses a broken cryptographic algorithm that allows attackers to retrieve sensitive embedded data during config import, URI scheme handling, or CLI operations across Windows, macOS, Linux, iOS, Android, and web clients. An unauthenticated remote attacker can exploit this vulnerability without user interaction to extract sensitive configuration information. No patch is currently available for this high-severity vulnerability.

Microsoft Apple Google Information Disclosure Rustdesk +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3000 CRITICAL PATCH Act Now

IDExpert Windows Logon Agent has a second RCE vulnerability through another unsigned code download path.

Windows RCE Idexpert
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-2999 CRITICAL PATCH Act Now

IDExpert Windows Logon Agent by Changing has an RCE vulnerability through download of code without integrity check, allowing malicious update injection.

Windows RCE Idexpert
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-28414 PyPI HIGH POC PATCH GHSA This Week

Gradio versions up to 6.7 contains a vulnerability that allows attackers to read arbitrary files from the file system (CVSS 7.5).

Windows Python Path Traversal AI / ML Gradio
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-3255 MEDIUM PATCH This Month

HTTP::Session2 before version 1.12 for Perl generates predictable session identifiers on Windows systems when /dev/urandom is unavailable, falling back to weak randomization using rand() combined with guessable values like PID and epoch time. An attacker could predict valid session IDs to hijack user sessions, as SHA-1 hashing of these weak inputs provides insufficient cryptographic protection. This affects Perl applications using HTTP::Session2 on Windows platforms where secure random sources are not accessible.

Windows
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1585 MEDIUM This Month

Unquoted service path handling in IJ Scan Utility versions 1.1.2 through 1.5.0 on Windows allows privileged local attackers to achieve arbitrary code execution by placing a malicious executable in a predictable directory location. An authenticated user with high privileges could exploit this weakness to execute commands with the same permissions as the vulnerable service. No patch is currently available for this issue.

Windows
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-22722 MEDIUM This Month

Null pointer dereference in Windows allows authenticated local users to cause a denial of service condition with potential system instability. An attacker with valid user credentials can trigger this memory safety issue to crash affected processes or degrade system availability. No patch is currently available for this vulnerability.

Windows Null Pointer Dereference
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-26986 HIGH POC PATCH This Week

FreeRDP is a free implementation of the Remote Desktop Protocol. [CVSS 7.5 HIGH]

Windows Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25954 HIGH POC PATCH This Week

FreeRDP is a free implementation of the Remote Desktop Protocol. [CVSS 7.5 HIGH]

Windows Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25952 CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_SetWindowMinMaxInfo before version 3.23.0. X11 client window management triggers memory corruption. PoC and patch available.

Windows Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2636 MEDIUM This Month

Local denial of service in Windows CLFS.sys driver allows unprivileged users to crash the system through improper handling of special elements. Affected versions include Windows 11 2024 LTSC and Windows Server 2025 prior to the September 2025 cumulative update, while Windows 25H2 and later contain the patch. No public exploit code is currently available, and the vulnerability carries a CVSS score of 5.5 with zero estimated probability of exploitation.

Microsoft Windows Denial Of Service
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-27615 HIGH POC This Week

Adb Explorer contains a vulnerability that allows attackers to set the binary's path to point to a remote network resource, hosted on an attack (CVSS 7.8).

Windows Adb Explorer
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25891 Go HIGH POC PATCH This Week

Fiber web framework versions 3.0.0 and earlier on Windows contain a path traversal vulnerability that allows remote attackers to bypass static file middleware protections and read arbitrary files from the server. Public exploit code exists for this vulnerability, which affects applications using the vulnerable Fiber versions. The issue has been patched in Fiber v3.1.0.

Windows Path Traversal Fiber Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-14963 HIGH This Week

A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. [CVSS 7.8 HIGH]

Windows Endpoint Security
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-10010 MEDIUM This Month

Cryptopro Secure Disk contains a vulnerability that allows attackers to execute arbitrary code in the context of the root user and enables an attacker t (CVSS 6.8).

Linux RCE Cryptopro Secure Disk Windows Linux Kernel
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-2664 HIGH This Week

Local privilege escalation via out-of-bounds memory read in Docker Desktop's grpcfuse kernel module (versions up to 4.61.0) on Linux, Windows, and macOS allows authenticated local attackers to achieve complete system compromise through manipulation of /proc/docker entries. The vulnerability requires local access and valid user credentials but enables reading and modifying arbitrary kernel memory with high impact on confidentiality, integrity, and availability. Docker Desktop 4.62.0 and later resolve this issue.

Linux Windows macOS Docker Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-40541 CRITICAL Act Now

IDOR vulnerability in SolarWinds Serv-U allows accessing objects belonging to other users. Fourth critical Serv-U vulnerability in this batch.

Windows Serv U
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-40540 CRITICAL Act Now

Second type confusion vulnerability in SolarWinds Serv-U. Different attack vector from CVE-2025-40539 but same impact — arbitrary code execution.

Windows Serv U
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-40539 CRITICAL Act Now

Type confusion vulnerability in SolarWinds Serv-U enables arbitrary code execution. Second critical Serv-U vulnerability.

Windows Serv U
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-40538 CRITICAL Act Now

Broken access control in SolarWinds Serv-U allows unauthorized user creation by exploiting privilege assignment flaws. First of four critical Serv-U vulnerabilities.

Windows Serv U
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2025-63946 HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition Pcmanager
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-63945 HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition Ioa
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-27199 PyPI MEDIUM PATCH This Month

Werkzeug versions 3.1.5 and below on Windows fail to properly filter reserved device names in the safe_join function when paths contain multiple segments, allowing attackers to craft requests that trigger indefinite hangs by targeting special device names like NUL. Remote attackers can exploit this denial-of-service vulnerability against applications using send_from_directory to serve user-specified files. A patch is available in version 3.1.6.

Windows Werkzeug Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-2490 MEDIUM This Month

RustDesk Client for Windows file transfer functionality allows local attackers with low-privileged code execution to read arbitrary files through symlink injection, potentially disclosing sensitive information with SYSTEM-level access. An attacker can exploit the Transfer File feature by uploading a specially crafted symbolic link to bypass access controls and access protected files on the target system. No patch is currently available for this vulnerability.

Windows Information Disclosure
NVD GitHub
CVSS 3.0
5.5
EPSS
0.0%
CVE-2026-27115 HIGH This Week

ADB Explorer through version 0.9.26020 fails to validate user-supplied directory paths, enabling local attackers to trigger recursive deletion of arbitrary filesystem directories including critical system and user folders. An attacker can exploit this by crafting a malicious shortcut or script that launches the application with a sensitive path argument, causing permanent data loss when the application processes the ClearDrag() function at startup or exit. Any user tricked into launching ADB Explorer via a weaponized shortcut or batch file faces complete loss of targeted directories such as Documents or user profile folders.

Path Traversal Microsoft Windows
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-26064 HIGH POC PATCH This Week

Remote code execution in Calibre 9.2.1 and earlier allows authenticated users to write arbitrary files via a path traversal flaw in the extract_pictures() function that fails to properly sanitize directory traversal sequences. On Windows systems, attackers can exploit this to write malicious payloads to the Startup folder, achieving code execution upon the next user login. Public exploit code exists for this vulnerability, and a patch is available in version 9.3.0.

Windows RCE Path Traversal Calibre Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-30416 CRITICAL Act Now

Missing authorization in Acronis Cyber Protect 16 allows sensitive data access. CVSS 10.0.

Linux Windows Cyber Protect
NVD
CVSS 3.0
10.0
EPSS
0.0%
CVE-2025-30412 CRITICAL Act Now

Second improper authentication in Acronis Cyber Protect 16. CVSS 10.0.

Linux Windows Cyber Protect
NVD
CVSS 3.0
10.0
EPSS
0.0%
CVE-2025-30411 CRITICAL Act Now

Improper authentication in Acronis Cyber Protect 16. CVSS 10.0.

Linux Windows Cyber Protect
NVD
CVSS 3.0
10.0
EPSS
0.0%
CVE-2025-30410 CRITICAL Act Now

Missing authentication in Acronis Cyber Protect Cloud Agent (Linux, Windows, macOS).

Linux Windows macOS
NVD
CVSS 3.0
9.8
EPSS
0.0%
CVE-2026-26959 HIGH This Week

Arbitrary code execution in ADB Explorer version 0.9.26020 and earlier on Windows allows local attackers to execute malicious binaries by manipulating the ManualAdbPath configuration setting without integrity validation. An attacker can exploit this through social engineering by distributing a crafted settings file that redirects the application to a malicious executable, gaining code execution with user privileges. The vulnerability requires user interaction to launch the application with a malicious configuration directory.

Windows RCE
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25766 Go MEDIUM POC PATCH This Month

Unauthenticated remote file read in Echo web framework versions 5.0.0-5.0.2 on Windows allows attackers to traverse outside the static root directory and access arbitrary files via backslash path sequences in requests. The vulnerability stems from improper path normalization where path.Clean() does not treat backslashes as separators, but the underlying os.Open() call on Windows does, enabling directory traversal. Public exploit code exists for this medium-severity vulnerability, though a patch is available in version 5.0.3.

Windows Golang Path Traversal Echo Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25926 HIGH POC This Week

Notepad++ versions before 8.9.2 allow local code execution through an unsafe search path vulnerability that permits attackers to hijack the Windows Explorer executable if they control the process working directory. A user with local access running the affected application could be tricked into executing a malicious explorer.exe, leading to arbitrary code execution with application privileges. Public exploit code exists for this vulnerability and no patch is currently available.

Windows
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2019-25365 CRITICAL POC Act Now

Buffer overflow in ChaosPro 2.0 fractal generator via configuration file path handling allows code execution through crafted configuration files. PoC available.

Windows RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2019-25357 HIGH POC This Week

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). [CVSS 8.4 HIGH]

Windows Buffer Overflow Stack Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2019-25352 HIGH POC This Week

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. [CVSS 7.5 HIGH]

Windows Path Traversal
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-2464 Monitor

Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service.

Windows Path Traversal
NVD
EPSS
0.4%
CVE-2026-26119 HIGH PATCH This Week

Windows Admin Center's authentication mechanism can be bypassed by authenticated network users to gain elevated privileges on affected Windows systems. An attacker with valid credentials could exploit this weakness to escalate their access level without additional user interaction. A patch is available to remediate this high-severity vulnerability.

Windows Windows Admin Center Microsoft
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-33130 MEDIUM This Month

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack. [CVSS 6.5 MEDIUM]

IBM Linux Windows Denial Of Service Db2 Merge Backup
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-33124 MEDIUM This Month

Db2 Merge Backup versions up to 12.1.0.0 is affected by incorrect calculation of buffer size (CVSS 6.5).

IBM Linux Windows Denial Of Service Db2 Merge Backup
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-27904 MEDIUM PATCH This Month

Db2 Recovery Expert versions up to 5.5.0 is affected by cross-site request forgery (csrf) (CVSS 6.5).

IBM Linux Windows CSRF Db2 Recovery Expert
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-27903 MEDIUM This Month

Db2 Recovery Expert versions up to 5.5.0 is affected by cleartext transmission of sensitive information (CVSS 5.9).

IBM Linux Windows Db2 Recovery Expert
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-27901 MEDIUM This Month

Db2 Recovery Expert versions up to 5.5.0 contains a vulnerability that allows attackers to conduct various attacks against the vulnerable system, including cross-site scri (CVSS 6.5).

IBM Linux Windows XSS Db2 Recovery Expert
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-13108 MEDIUM This Month

Db2 Merge Backup versions up to 12.1.0.0 contains a vulnerability that allows attackers to access sensitive information in memory due to the buffer not properly clearing r (CVSS 5.5).

IBM Linux Windows Db2 Merge Backup
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-36425 MEDIUM This Month

Db2 versions up to 12.1.3 contains a vulnerability that allows attackers to an authenticated user to obtain sensitive information under specific HADR config (CVSS 5.3).

IBM Linux Windows Db2
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-36247 HIGH This Week

Db2 versions up to 12.1.3 is affected by improper restriction of xml external entity reference (CVSS 7.1).

IBM Linux Windows XXE Db2
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-14689 MEDIUM This Month

Db2 contains a vulnerability that allows attackers to an authenticated user to cause a denial of service due to improper neutralizatio (CVSS 6.5).

IBM Linux Windows Denial Of Service Db2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-13867 MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic

IBM Linux Windows Denial Of Service Db2
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2542 HIGH This Week

Total VPN 0.5.29.0 on Windows contains an unquoted search path vulnerability in win-service.exe that allows local attackers with low privileges to achieve code execution through path manipulation. The vulnerability requires high attack complexity and local access, but no patch is currently available from the vendor.

Windows
NVD GitHub VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-26334 HIGH This Week

Local privilege escalation in Calero VeraSMART versions before 2026 R1 stems from hardcoded AES encryption keys embedded in Veramark.Framework.dll that protect service account credentials stored in app.settings. An attacker with local system access can extract these static keys, decrypt the stored passwords, and use the recovered credentials to authenticate as the service account, potentially gaining elevated privileges depending on that account's permissions. No patch is currently available for this vulnerability.

Windows Privilege Escalation Verasmart
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-26208 HIGH This Week

ADB Explorer on Windows versions prior to Beta 0.9.26020 allows local attackers to achieve remote code execution by crafting a malicious App.txt settings file that exploits insecure JSON deserialization with enabled type name handling. An attacker can inject a gadget chain payload into the configuration file that executes arbitrary code when the application launches and processes settings. No patch is currently available for affected versions.

Windows RCE Deserialization
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2026-2026 MEDIUM This Month

Nessus Agent on Windows systems contains improper file permission controls that allow local authenticated users to trigger denial of service attacks against the agent process. The vulnerability requires local access with standard user privileges and could disrupt security monitoring capabilities on affected hosts. No patch is currently available for this issue.

Windows Denial Of Service Nessus Agent
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-0872 Monitor

Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.

Windows
NVD
EPSS
0.0%
CVE-2026-23856 HIGH This Week

Privilege escalation in Dell iDRAC Service Module (Windows versions before 6.0.3.1 and Linux versions before 5.4.1.1) stems from improper access controls that allow local users with low privileges to gain elevated system access. An attacker with local access can exploit this vulnerability to obtain administrative capabilities on affected systems. No patch is currently available for this issue affecting both Windows and Linux environments.

Linux Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37181 CRITICAL POC Act Now

Stack overflow in Torrent FLV Converter 1.51 Build 117 via SEH overwrite. PoC available.

Windows Stack Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-0228 CERT-EU Monitor

An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.

Paloalto Windows
NVD
EPSS
0.0%
CVE-2019-25308 HIGH POC This Week

Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific path locations. [CVSS 7.8 HIGH]

Windows Golang Mikogo
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25307 HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-1763 MEDIUM This Month

GE Vernova Enervista UR Setup version 8.6 and earlier on Windows contains a vulnerability allowing high-privileged local attackers to modify system integrity without user interaction. An attacker with administrative privileges could exploit this flaw to alter critical configuration or data, though no patch is currently available.

Windows
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-1762 LOW Monitor

A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions. [CVSS 2.9 LOW]

Windows
NVD
CVSS 3.1
2.9
EPSS
0.0%
CVE-2026-25992 Go HIGH POC This Week

Unauthenticated attackers can read sensitive configuration files from SiYuan knowledge management systems prior to version 3.5.5 by exploiting case-sensitivity bypass in file access controls on Windows and other case-insensitive filesystems. The /api/file/getFile endpoint fails to properly validate mixed-case path traversal attempts, allowing unauthorized access to protected data. Public exploit code exists for this vulnerability, and no patch is currently available.

Windows Siyuan
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21517 MEDIUM PATCH This Month

Windows App for Mac is susceptible to privilege escalation through improper symbolic link resolution, enabling authenticated local attackers to bypass access controls and gain elevated privileges. The vulnerability stems from insufficient validation during file operations and requires low-level user privileges and specific system conditions to exploit. No patch is currently available.

Windows Windows App Microsoft
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-21510 HIGH POC KEV PATCH THREAT Act Now

Windows Shell contains a protection mechanism failure (CVE-2026-21510, CVSS 8.8) that allows unauthenticated remote attackers to bypass security features over a network. KEV-listed, this vulnerability in the core Windows Shell component enables remote code execution by circumventing security boundaries designed to prevent execution of untrusted content received from the network.

Windows Windows 11 23h2 Windows Server 2016 Windows 10 21h2 Windows Server 2025 +10
NVD VulDB GitHub
CVSS 3.1
8.8
EPSS
3.8%
CVE-2026-21508 HIGH PATCH This Week

Windows Storage component contains an authentication bypass that enables authenticated local users to escalate privileges on Windows 10, Windows 11, and Windows Server 2016/2019 systems. An attacker with valid local credentials can exploit this vulnerability to gain elevated system access without user interaction. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.

Windows Windows 10 1809 Windows Server 2016 Windows 11 24h2 Windows 10 1607 +10
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21255 HIGH PATCH This Week

Windows Hyper-V fails to properly enforce access controls, enabling local authenticated users to circumvent security features and gain unauthorized system access. This high-severity flaw affects Windows 10, Windows 11, Windows Server 2022, and Hyper-V implementations, allowing privileged attackers to escalate privileges across system boundaries. No patch is currently available for this vulnerability.

Windows Hyper-V Windows 10 1607 Windows 11 25h2 Windows Server 2022 +10
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-21251 HIGH PATCH This Week

Privilege escalation in Windows Cluster Client Failover exploits a use-after-free memory vulnerability, enabling authenticated local users to gain elevated system privileges. The flaw affects Windows Server 2016, 2019, and 2025 installations where an attacker with existing local access can trigger the vulnerability through the failover clustering component. No patch is currently available for this high-severity vulnerability.

Windows Use After Free Windows Server 2019 Windows Server 2025 Windows Server 2016 +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21250 HIGH POC PATCH This Week

Windows HTTP.sys contains an unsafe pointer dereference vulnerability that enables authenticated local attackers to escalate privileges on affected systems including Windows 11, Windows Server 2025, and related versions. An attacker with local user access can exploit this flaw to gain system-level privileges with high confidence in successful exploitation. No patch is currently available for this vulnerability.

Windows Windows Server 2025 Windows 11 24h2 Windows Server 2022 23h2 Windows 11 25h2 +1
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21249 LOW PATCH Monitor

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally. [CVSS 3.3 LOW]

Windows Microsoft
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-21248 HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges on affected Windows and Windows Server systems. An attacker with local access and user-level permissions can trigger memory corruption through user interaction to compromise system integrity and confidentiality. This vulnerability affects Windows 10 1809, Windows Server 2025, and related Hyper-V implementations with no patch currently available.

Windows Hyper-V Buffer Overflow Heap Overflow Windows Server 2025 +12
NVD Exploit-DB VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-21247 HIGH PATCH This Week

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. [CVSS 7.3 HIGH]

Windows Hyper-V Windows 11 24h2 Windows 10 22h2 Windows Server 2022 +10
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-21245 HIGH PATCH This Week

Windows Kernel heap overflow in Windows 11 25h2 and Windows Server 2025 enables authenticated local attackers to achieve privilege escalation with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user privileges but no user interaction, making it a practical attack vector for lateral movement within systems. No patch is currently available, leaving affected systems exposed until remediation is released.

Linux Windows Buffer Overflow Heap Overflow Windows 11 25h2 +3
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21244 HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges (CVSS 7.3). Exploitation requires user interaction and local system access, affecting Windows 10 1809 and Windows Server 2025. No patch is currently available.

Windows Hyper-V Buffer Overflow Heap Overflow Windows 10 1809 +12
NVD Exploit-DB VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-21243 HIGH PATCH This Week

Windows LDAP service in Server 2022 and 2022 23H2 is vulnerable to denial of service through a null pointer dereference that can be triggered remotely without authentication. An attacker can exploit this flaw over the network to crash the LDAP service and disrupt directory access functionality. No patch is currently available for this vulnerability.

Windows LDAP Null Pointer Dereference Windows Server 2022 Windows Server 2022 23h2 +3
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21242 HIGH PATCH This Week

Windows Subsystem for Linux contains a use-after-free vulnerability that enables local privilege escalation for authenticated users. An attacker with valid local access could exploit this memory safety flaw to gain elevated system privileges on affected Windows Server 2022 systems.

Linux Windows Use After Free Windows Server 2022 Windows Server 2022 23h2 +7
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21241 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows 11 23h2 and Windows Server 2022 23h2 contains a use-after-free vulnerability that allows authenticated local users to achieve privilege escalation. An attacker with local access and valid credentials can trigger the memory safety flaw to gain elevated system privileges. No patch is currently available for this HIGH severity vulnerability.

Windows Use After Free Windows Server 2022 23h2 Windows 11 23h2 Windows Server 2022 +4
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21240 HIGH PATCH This Week

Windows HTTP.sys contains a race condition between privilege checks and resource access that enables local authenticated users to escalate privileges on Windows 10 21H2, Windows 11 23H2, and Windows Server 2025. An attacker with valid credentials can exploit this timing vulnerability to gain system-level access. No patch is currently available for this vulnerability.

Windows Race Condition Windows 10 21h2 Windows 11 23h2 Windows Server 2025 +8
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21239 HIGH PATCH This Week

Privilege escalation via heap buffer overflow in Windows Kernel (Windows 10 21H2, Windows Server 2016) allows authenticated local users to gain elevated system privileges. The vulnerability requires local access and user-level permissions, making it exploitable by authorized account holders to bypass security boundaries. No patch is currently available for this issue.

Linux Windows Buffer Overflow Heap Overflow Windows 10 21h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21238 HIGH PATCH This Week

Privilege escalation in the Windows Ancillary Function Driver for WinSock affects Windows 11 and Windows Server 2022/2019, allowing authenticated local users to gain elevated system privileges. The vulnerability stems from improper access control mechanisms and currently lacks a patch. An authenticated attacker with local access can exploit this to achieve full system compromise.

Windows Windows 11 23h2 Windows Server 2022 23h2 Windows 11 25h2 Windows Server 2019 +10
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21237 HIGH PATCH This Week

Local privilege escalation in Windows Subsystem for Linux affects Windows 11 23h2 and Windows 10 22h2 through a race condition in shared resource synchronization. An authenticated local attacker can exploit this vulnerability to gain elevated privileges on the system. No patch is currently available for this vulnerability.

Linux Windows Race Condition Windows 11 23h2 Windows 10 22h2 +7
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21236 HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock contains a heap buffer overflow vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows 10 and Server 2012 systems. An attacker with valid user credentials can exploit this memory corruption flaw to execute arbitrary code with elevated privileges. No patch is currently available for this vulnerability.

Windows Buffer Overflow Heap Overflow Windows 10 1607 Windows 10 21h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21234 HIGH PATCH This Week

Local privilege escalation in Windows Connected Devices Platform Service exploits a race condition in resource synchronization, allowing authenticated attackers to gain elevated privileges on affected Windows systems including Server 2022, Windows 11 25h2, and Windows 10 21h2. The vulnerability requires local access and user interaction is not needed, making it a practical attack vector for users with standard privileges. No patch is currently available.

Windows Race Condition Windows Server 2022 Windows 11 25h2 Windows 10 21h2 +8
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-21232 HIGH PATCH This Week

Windows HTTP.sys contains an untrusted pointer dereference vulnerability that enables authenticated local users to escalate privileges on Windows 11 and Windows Server 2022/2025 systems. An attacker with valid credentials can exploit this flaw to gain elevated access without user interaction. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.

Windows Windows 11 25h2 Windows Server 2022 23h2 Windows 11 24h2 Windows Server 2025 +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21231 HIGH PATCH This Week

Windows Kernel privilege escalation vulnerability in Windows 10 21H2 and Windows Server 2012 stems from improper synchronization of concurrent access to shared resources, enabling local authenticated users to gain elevated system privileges. The race condition can be triggered without user interaction and impacts confidentiality, integrity, and availability of the affected system. No patch is currently available.

Linux Windows Race Condition Windows 10 21h2 Windows Server 2012 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-21222 MEDIUM PATCH This Month

Windows Kernel inadvertently logs sensitive information accessible to authenticated local users, enabling information disclosure attacks. This medium-severity vulnerability affects Windows 10 22H2, Windows 11 23H2, and 24H2, as well as Linux systems, allowing authorized attackers with local access to retrieve confidential data. No patch is currently available for this issue.

Linux Windows Windows 10 22h2 Windows 11 24h2 Windows 11 23h2 +10
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20846 HIGH PATCH This Week

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. [CVSS 7.5 HIGH]

Windows Buffer Overflow Windows 11 23h2 Windows 11 24h2 Windows Server 2012 +11
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-20841 HIGH PATCH This Week

Local code execution in Windows Notepad stems from inadequate sanitization of command metacharacters, enabling authenticated users to execute arbitrary commands through specially crafted input. The vulnerability requires user interaction and local access, making it exploitable by attackers with limited system privileges. No patch is currently available.

Windows Command Injection Windows Notepad Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-62676 HIGH This Week

Forticlient versions up to 7.4.4 is affected by improper link resolution before file access (CVSS 7.1).

Fortinet Windows Forticlient
NVD
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 9.3
CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

CSRF Privilege Escalation Authentication Bypass +6
NVD GitHub VulDB
EPSS 0% CVSS 8.2
HIGH This Week

RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.

Information Disclosure Microsoft Apple +2
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH This Week

RustDesk Server Pro through version 1.7.5 uses weak cryptographic algorithms in configuration string generation and web console export functions, enabling attackers to extract sensitive embedded data from exported configurations. This vulnerability affects Windows, macOS, and Linux deployments and requires no authentication or user interaction to exploit. No patch is currently available.

Information Disclosure Apple Microsoft +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

RustDesk Client through version 1.4.5 uses a broken cryptographic algorithm that allows attackers to retrieve sensitive embedded data during config import, URI scheme handling, or CLI operations across Windows, macOS, Linux, iOS, Android, and web clients. An unauthenticated remote attacker can exploit this vulnerability without user interaction to extract sensitive configuration information. No patch is currently available for this high-severity vulnerability.

Microsoft Apple Google +5
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

IDExpert Windows Logon Agent has a second RCE vulnerability through another unsigned code download path.

Windows RCE Idexpert
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

IDExpert Windows Logon Agent by Changing has an RCE vulnerability through download of code without integrity check, allowing malicious update injection.

Windows RCE Idexpert
NVD
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Gradio versions up to 6.7 contains a vulnerability that allows attackers to read arbitrary files from the file system (CVSS 7.5).

Windows Python Path Traversal +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

HTTP::Session2 before version 1.12 for Perl generates predictable session identifiers on Windows systems when /dev/urandom is unavailable, falling back to weak randomization using rand() combined with guessable values like PID and epoch time. An attacker could predict valid session IDs to hijack user sessions, as SHA-1 hashing of these weak inputs provides insufficient cryptographic protection. This affects Perl applications using HTTP::Session2 on Windows platforms where secure random sources are not accessible.

Windows
NVD GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

Unquoted service path handling in IJ Scan Utility versions 1.1.2 through 1.5.0 on Windows allows privileged local attackers to achieve arbitrary code execution by placing a malicious executable in a predictable directory location. An authenticated user with high privileges could exploit this weakness to execute commands with the same permissions as the vulnerable service. No patch is currently available for this issue.

Windows
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Null pointer dereference in Windows allows authenticated local users to cause a denial of service condition with potential system instability. An attacker with valid user credentials can trigger this memory safety issue to crash affected processes or degrade system availability. No patch is currently available for this vulnerability.

Windows Null Pointer Dereference
NVD
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

FreeRDP is a free implementation of the Remote Desktop Protocol. [CVSS 7.5 HIGH]

Windows Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

FreeRDP is a free implementation of the Remote Desktop Protocol. [CVSS 7.5 HIGH]

Windows Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Use-after-free in FreeRDP xf_SetWindowMinMaxInfo before version 3.23.0. X11 client window management triggers memory corruption. PoC and patch available.

Windows Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Local denial of service in Windows CLFS.sys driver allows unprivileged users to crash the system through improper handling of special elements. Affected versions include Windows 11 2024 LTSC and Windows Server 2025 prior to the September 2025 cumulative update, while Windows 25H2 and later contain the patch. No public exploit code is currently available, and the vulnerability carries a CVSS score of 5.5 with zero estimated probability of exploitation.

Microsoft Windows Denial Of Service
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Adb Explorer contains a vulnerability that allows attackers to set the binary's path to point to a remote network resource, hosted on an attack (CVSS 7.8).

Windows Adb Explorer
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Fiber web framework versions 3.0.0 and earlier on Windows contain a path traversal vulnerability that allows remote attackers to bypass static file middleware protections and read arbitrary files from the server. Public exploit code exists for this vulnerability, which affects applications using the vulnerable Fiber versions. The issue has been patched in Fiber v3.1.0.

Windows Path Traversal Fiber +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. [CVSS 7.8 HIGH]

Windows Endpoint Security
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cryptopro Secure Disk contains a vulnerability that allows attackers to execute arbitrary code in the context of the root user and enables an attacker t (CVSS 6.8).

Linux RCE Cryptopro Secure Disk +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation via out-of-bounds memory read in Docker Desktop's grpcfuse kernel module (versions up to 4.61.0) on Linux, Windows, and macOS allows authenticated local attackers to achieve complete system compromise through manipulation of /proc/docker entries. The vulnerability requires local access and valid user credentials but enables reading and modifying arbitrary kernel memory with high impact on confidentiality, integrity, and availability. Docker Desktop 4.62.0 and later resolve this issue.

Linux Windows macOS +2
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

IDOR vulnerability in SolarWinds Serv-U allows accessing objects belonging to other users. Fourth critical Serv-U vulnerability in this batch.

Windows Serv U
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Second type confusion vulnerability in SolarWinds Serv-U. Different attack vector from CVE-2025-40539 but same impact — arbitrary code execution.

Windows Serv U
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Type confusion vulnerability in SolarWinds Serv-U enables arbitrary code execution. Second critical Serv-U vulnerability.

Windows Serv U
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Broken access control in SolarWinds Serv-U allows unauthorized user creation by exploiting privilege assignment flaws. First of four critical Serv-U vulnerabilities.

Windows Serv U
NVD
EPSS 0% CVSS 7.4
HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition +1
NVD GitHub
EPSS 0% CVSS 7.4
HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Werkzeug versions 3.1.5 and below on Windows fail to properly filter reserved device names in the safe_join function when paths contain multiple segments, allowing attackers to craft requests that trigger indefinite hangs by targeting special device names like NUL. Remote attackers can exploit this denial-of-service vulnerability against applications using send_from_directory to serve user-specified files. A patch is available in version 3.1.6.

Windows Werkzeug Suse
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

RustDesk Client for Windows file transfer functionality allows local attackers with low-privileged code execution to read arbitrary files through symlink injection, potentially disclosing sensitive information with SYSTEM-level access. An attacker can exploit the Transfer File feature by uploading a specially crafted symbolic link to bypass access controls and access protected files on the target system. No patch is currently available for this vulnerability.

Windows Information Disclosure
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

ADB Explorer through version 0.9.26020 fails to validate user-supplied directory paths, enabling local attackers to trigger recursive deletion of arbitrary filesystem directories including critical system and user folders. An attacker can exploit this by crafting a malicious shortcut or script that launches the application with a sensitive path argument, causing permanent data loss when the application processes the ClearDrag() function at startup or exit. Any user tricked into launching ADB Explorer via a weaponized shortcut or batch file faces complete loss of targeted directories such as Documents or user profile folders.

Path Traversal Microsoft Windows
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Remote code execution in Calibre 9.2.1 and earlier allows authenticated users to write arbitrary files via a path traversal flaw in the extract_pictures() function that fails to properly sanitize directory traversal sequences. On Windows systems, attackers can exploit this to write malicious payloads to the Startup folder, achieving code execution upon the next user login. Public exploit code exists for this vulnerability, and a patch is available in version 9.3.0.

Windows RCE Path Traversal +2
NVD GitHub
EPSS 0% CVSS 10.0
CRITICAL Act Now

Missing authorization in Acronis Cyber Protect 16 allows sensitive data access. CVSS 10.0.

Linux Windows Cyber Protect
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Second improper authentication in Acronis Cyber Protect 16. CVSS 10.0.

Linux Windows Cyber Protect
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Improper authentication in Acronis Cyber Protect 16. CVSS 10.0.

Linux Windows Cyber Protect
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Missing authentication in Acronis Cyber Protect Cloud Agent (Linux, Windows, macOS).

Linux Windows macOS
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in ADB Explorer version 0.9.26020 and earlier on Windows allows local attackers to execute malicious binaries by manipulating the ManualAdbPath configuration setting without integrity validation. An attacker can exploit this through social engineering by distributing a crafted settings file that redirects the application to a malicious executable, gaining code execution with user privileges. The vulnerability requires user interaction to launch the application with a malicious configuration directory.

Windows RCE
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Unauthenticated remote file read in Echo web framework versions 5.0.0-5.0.2 on Windows allows attackers to traverse outside the static root directory and access arbitrary files via backslash path sequences in requests. The vulnerability stems from improper path normalization where path.Clean() does not treat backslashes as separators, but the underlying os.Open() call on Windows does, enabling directory traversal. Public exploit code exists for this medium-severity vulnerability, though a patch is available in version 5.0.3.

Windows Golang Path Traversal +2
NVD GitHub
EPSS 0% CVSS 7.3
HIGH POC This Week

Notepad++ versions before 8.9.2 allow local code execution through an unsafe search path vulnerability that permits attackers to hijack the Windows Explorer executable if they control the process working directory. A user with local access running the affected application could be tricked into executing a malicious explorer.exe, leading to arbitrary code execution with application privileges. Public exploit code exists for this vulnerability and no patch is currently available.

Windows
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Buffer overflow in ChaosPro 2.0 fractal generator via configuration file path handling allows code execution through crafted configuration files. PoC available.

Windows RCE Buffer Overflow
NVD Exploit-DB
EPSS 0% CVSS 8.4
HIGH POC This Week

Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). [CVSS 8.4 HIGH]

Windows Buffer Overflow Stack Overflow
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC This Week

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. [CVSS 7.5 HIGH]

Windows Path Traversal
NVD Exploit-DB
EPSS 0%
Monitor

Path traversal vulnerability in the AMR Printer Management 1.01 Beta web service, which allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service.

Windows Path Traversal
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Admin Center's authentication mechanism can be bypassed by authenticated network users to gain elevated privileges on affected Windows systems. An attacker with valid credentials could exploit this weakness to escalate their access level without additional user interaction. A patch is available to remediate this high-severity vulnerability.

Windows Windows Admin Center Microsoft
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack. [CVSS 6.5 MEDIUM]

IBM Linux Windows +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Db2 Merge Backup versions up to 12.1.0.0 is affected by incorrect calculation of buffer size (CVSS 6.5).

IBM Linux Windows +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Db2 Recovery Expert versions up to 5.5.0 is affected by cross-site request forgery (csrf) (CVSS 6.5).

IBM Linux Windows +2
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Db2 Recovery Expert versions up to 5.5.0 is affected by cleartext transmission of sensitive information (CVSS 5.9).

IBM Linux Windows +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Db2 Recovery Expert versions up to 5.5.0 contains a vulnerability that allows attackers to conduct various attacks against the vulnerable system, including cross-site scri (CVSS 6.5).

IBM Linux Windows +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Db2 Merge Backup versions up to 12.1.0.0 contains a vulnerability that allows attackers to access sensitive information in memory due to the buffer not properly clearing r (CVSS 5.5).

IBM Linux Windows +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Db2 versions up to 12.1.3 contains a vulnerability that allows attackers to an authenticated user to obtain sensitive information under specific HADR config (CVSS 5.3).

IBM Linux Windows +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Db2 versions up to 12.1.3 is affected by improper restriction of xml external entity reference (CVSS 7.1).

IBM Linux Windows +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Db2 contains a vulnerability that allows attackers to an authenticated user to cause a denial of service due to improper neutralizatio (CVSS 6.5).

IBM Linux Windows +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic

IBM Linux Windows +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Total VPN 0.5.29.0 on Windows contains an unquoted search path vulnerability in win-service.exe that allows local attackers with low privileges to achieve code execution through path manipulation. The vulnerability requires high attack complexity and local access, but no patch is currently available from the vendor.

Windows
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation in Calero VeraSMART versions before 2026 R1 stems from hardcoded AES encryption keys embedded in Veramark.Framework.dll that protect service account credentials stored in app.settings. An attacker with local system access can extract these static keys, decrypt the stored passwords, and use the recovered credentials to authenticate as the service account, potentially gaining elevated privileges depending on that account's permissions. No patch is currently available for this vulnerability.

Windows Privilege Escalation Verasmart
NVD
EPSS 0% CVSS 7.8
HIGH This Week

ADB Explorer on Windows versions prior to Beta 0.9.26020 allows local attackers to achieve remote code execution by crafting a malicious App.txt settings file that exploits insecure JSON deserialization with enabled type name handling. An attacker can inject a gadget chain payload into the configuration file that executes arbitrary code when the application launches and processes settings. No patch is currently available for affected versions.

Windows RCE Deserialization
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

Nessus Agent on Windows systems contains improper file permission controls that allow local authenticated users to trigger denial of service attacks against the agent process. The vulnerability requires local access with standard user privileges and could disrupt security monitoring capabilities on affected hosts. No patch is currently available for this issue.

Windows Denial Of Service Nessus Agent
NVD
EPSS 0%
Monitor

Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.

Windows
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Privilege escalation in Dell iDRAC Service Module (Windows versions before 6.0.3.1 and Linux versions before 5.4.1.1) stems from improper access controls that allow local users with low privileges to gain elevated system access. An attacker with local access can exploit this vulnerability to obtain administrative capabilities on affected systems. No patch is currently available for this issue affecting both Windows and Linux environments.

Linux Windows
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Stack overflow in Torrent FLV Converter 1.51 Build 117 via SEH overwrite. PoC available.

Windows Stack Overflow
NVD Exploit-DB
EPSS 0%
Monitor

An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.

Paloalto Windows
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific path locations. [CVSS 7.8 HIGH]

Windows Golang Mikogo
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows
NVD Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM This Month

GE Vernova Enervista UR Setup version 8.6 and earlier on Windows contains a vulnerability allowing high-privileged local attackers to modify system integrity without user interaction. An attacker with administrative privileges could exploit this flaw to alter critical configuration or data, though no patch is currently available.

Windows
NVD
EPSS 0% CVSS 2.9
LOW Monitor

A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions. [CVSS 2.9 LOW]

Windows
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Unauthenticated attackers can read sensitive configuration files from SiYuan knowledge management systems prior to version 3.5.5 by exploiting case-sensitivity bypass in file access controls on Windows and other case-insensitive filesystems. The /api/file/getFile endpoint fails to properly validate mixed-case path traversal attempts, allowing unauthorized access to protected data. Public exploit code exists for this vulnerability, and no patch is currently available.

Windows Siyuan
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Windows App for Mac is susceptible to privilege escalation through improper symbolic link resolution, enabling authenticated local attackers to bypass access controls and gain elevated privileges. The vulnerability stems from insufficient validation during file operations and requires low-level user privileges and specific system conditions to exploit. No patch is currently available.

Windows Windows App Microsoft
NVD
EPSS 4% CVSS 8.8
HIGH POC KEV PATCH THREAT Act Now

Windows Shell contains a protection mechanism failure (CVE-2026-21510, CVSS 8.8) that allows unauthenticated remote attackers to bypass security features over a network. KEV-listed, this vulnerability in the core Windows Shell component enables remote code execution by circumventing security boundaries designed to prevent execution of untrusted content received from the network.

Windows Windows 11 23h2 Windows Server 2016 +12
NVD VulDB GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Storage component contains an authentication bypass that enables authenticated local users to escalate privileges on Windows 10, Windows 11, and Windows Server 2016/2019 systems. An attacker with valid local credentials can exploit this vulnerability to gain elevated system access without user interaction. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.

Windows Windows 10 1809 Windows Server 2016 +12
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Windows Hyper-V fails to properly enforce access controls, enabling local authenticated users to circumvent security features and gain unauthorized system access. This high-severity flaw affects Windows 10, Windows 11, Windows Server 2022, and Hyper-V implementations, allowing privileged attackers to escalate privileges across system boundaries. No patch is currently available for this vulnerability.

Windows Hyper-V Windows 10 1607 +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Cluster Client Failover exploits a use-after-free memory vulnerability, enabling authenticated local users to gain elevated system privileges. The flaw affects Windows Server 2016, 2019, and 2025 installations where an attacker with existing local access can trigger the vulnerability through the failover clustering component. No patch is currently available for this high-severity vulnerability.

Windows Use After Free Windows Server 2019 +5
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Windows HTTP.sys contains an unsafe pointer dereference vulnerability that enables authenticated local attackers to escalate privileges on affected systems including Windows 11, Windows Server 2025, and related versions. An attacker with local user access can exploit this flaw to gain system-level privileges with high confidence in successful exploitation. No patch is currently available for this vulnerability.

Windows Windows Server 2025 Windows 11 24h2 +3
NVD Exploit-DB VulDB
EPSS 0% CVSS 3.3
LOW PATCH Monitor

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally. [CVSS 3.3 LOW]

Windows Microsoft
NVD
EPSS 0% CVSS 7.3
HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges on affected Windows and Windows Server systems. An attacker with local access and user-level permissions can trigger memory corruption through user interaction to compromise system integrity and confidentiality. This vulnerability affects Windows 10 1809, Windows Server 2025, and related Hyper-V implementations with no patch currently available.

Windows Hyper-V Buffer Overflow +14
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. [CVSS 7.3 HIGH]

Windows Hyper-V Windows 11 24h2 +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel heap overflow in Windows 11 25h2 and Windows Server 2025 enables authenticated local attackers to achieve privilege escalation with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user privileges but no user interaction, making it a practical attack vector for lateral movement within systems. No patch is currently available, leaving affected systems exposed until remediation is released.

Linux Windows Buffer Overflow +5
NVD
EPSS 0% CVSS 7.3
HIGH POC PATCH This Week

Heap overflow in Windows Hyper-V enables authenticated local users to achieve arbitrary code execution with high privileges (CVSS 7.3). Exploitation requires user interaction and local system access, affecting Windows 10 1809 and Windows Server 2025. No patch is currently available.

Windows Hyper-V Buffer Overflow +14
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Windows LDAP service in Server 2022 and 2022 23H2 is vulnerable to denial of service through a null pointer dereference that can be triggered remotely without authentication. An attacker can exploit this flaw over the network to crash the LDAP service and disrupt directory access functionality. No patch is currently available for this vulnerability.

Windows LDAP Null Pointer Dereference +5
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Subsystem for Linux contains a use-after-free vulnerability that enables local privilege escalation for authenticated users. An attacker with valid local access could exploit this memory safety flaw to gain elevated system privileges on affected Windows Server 2022 systems.

Linux Windows Use After Free +9
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock in Windows 11 23h2 and Windows Server 2022 23h2 contains a use-after-free vulnerability that allows authenticated local users to achieve privilege escalation. An attacker with local access and valid credentials can trigger the memory safety flaw to gain elevated system privileges. No patch is currently available for this HIGH severity vulnerability.

Windows Use After Free Windows Server 2022 23h2 +6
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows HTTP.sys contains a race condition between privilege checks and resource access that enables local authenticated users to escalate privileges on Windows 10 21H2, Windows 11 23H2, and Windows Server 2025. An attacker with valid credentials can exploit this timing vulnerability to gain system-level access. No patch is currently available for this vulnerability.

Windows Race Condition Windows 10 21h2 +10
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation via heap buffer overflow in Windows Kernel (Windows 10 21H2, Windows Server 2016) allows authenticated local users to gain elevated system privileges. The vulnerability requires local access and user-level permissions, making it exploitable by authorized account holders to bypass security boundaries. No patch is currently available for this issue.

Linux Windows Buffer Overflow +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in the Windows Ancillary Function Driver for WinSock affects Windows 11 and Windows Server 2022/2019, allowing authenticated local users to gain elevated system privileges. The vulnerability stems from improper access control mechanisms and currently lacks a patch. An authenticated attacker with local access can exploit this to achieve full system compromise.

Windows Windows 11 23h2 Windows Server 2022 23h2 +12
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Windows Subsystem for Linux affects Windows 11 23h2 and Windows 10 22h2 through a race condition in shared resource synchronization. An authenticated local attacker can exploit this vulnerability to gain elevated privileges on the system. No patch is currently available for this vulnerability.

Linux Windows Race Condition +9
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Ancillary Function Driver for WinSock contains a heap buffer overflow vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows 10 and Server 2012 systems. An attacker with valid user credentials can exploit this memory corruption flaw to execute arbitrary code with elevated privileges. No patch is currently available for this vulnerability.

Windows Buffer Overflow Heap Overflow +14
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Windows Connected Devices Platform Service exploits a race condition in resource synchronization, allowing authenticated attackers to gain elevated privileges on affected Windows systems including Server 2022, Windows 11 25h2, and Windows 10 21h2. The vulnerability requires local access and user interaction is not needed, making it a practical attack vector for users with standard privileges. No patch is currently available.

Windows Race Condition Windows Server 2022 +10
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows HTTP.sys contains an untrusted pointer dereference vulnerability that enables authenticated local users to escalate privileges on Windows 11 and Windows Server 2022/2025 systems. An attacker with valid credentials can exploit this flaw to gain elevated access without user interaction. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.

Windows Windows 11 25h2 Windows Server 2022 23h2 +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Kernel privilege escalation vulnerability in Windows 10 21H2 and Windows Server 2012 stems from improper synchronization of concurrent access to shared resources, enabling local authenticated users to gain elevated system privileges. The race condition can be triggered without user interaction and impacts confidentiality, integrity, and availability of the affected system. No patch is currently available.

Linux Windows Race Condition +14
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Kernel inadvertently logs sensitive information accessible to authenticated local users, enabling information disclosure attacks. This medium-severity vulnerability affects Windows 10 22H2, Windows 11 23H2, and 24H2, as well as Linux systems, allowing authorized attackers with local access to retrieve confidential data. No patch is currently available for this issue.

Linux Windows Windows 10 22h2 +12
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. [CVSS 7.5 HIGH]

Windows Buffer Overflow Windows 11 23h2 +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local code execution in Windows Notepad stems from inadequate sanitization of command metacharacters, enabling authenticated users to execute arbitrary commands through specially crafted input. The vulnerability requires user interaction and local access, making it exploitable by attackers with limited system privileges. No patch is currently available.

Windows Command Injection Windows Notepad +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Forticlient versions up to 7.4.4 is affected by improper link resolution before file access (CVSS 7.1).

Fortinet Windows Forticlient
NVD
Prev Page 2 of 18 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy