420
CVEs
35
Critical
256
High
8
KEV
9
PoC
250
Unpatched C/H
21.2%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
35
HIGH
256
MEDIUM
119
LOW
7
Monthly CVE Trend
Affected Products (30)
Windows
1267
Windows Server 2025
720
Windows Server 2022
714
Windows Server 2022 23h2
713
Windows Server 2019
687
Windows 11 23h2
662
Windows 11 24h2
649
Windows 10 22h2
636
Windows 10 21h2
634
Windows 10 1809
607
Windows Server 2016
602
Windows 10 1607
522
Windows 11 22h2
497
Windows Server 2012
486
Windows 10 1507
378
Windows Server 2008
367
Memory Corruption
195
Use After Free
187
Windows 11 25h2
177
Heap Overflow
164
Office Long Term Servicing Channel
137
365 Apps
137
Office
130
Race Condition
84
Excel
52
Chrome
51
Office Online Server
49
Command Injection
47
Sharepoint Server
43
macOS
42
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-20963 | Microsoft Office SharePoint contains a deserialization vulnerability (CVE-2026-20963) that allows authenticated users to execute arbitrary code over the network through crafted serialized objects. KEV-listed with public PoC, this CVSS 8.8 vulnerability enables any SharePoint user to escalate to server-level code execution, making it a critical threat for organizations relying on SharePoint for document management and collaboration. | CRITICAL | 9.8 | 1.6% | 126 |
KEV
PoC
No patch
|
| CVE-2026-21509 | Microsoft Office contains a security feature bypass (CVE-2026-21509, CVSS 7.8) where reliance on untrusted inputs in security decisions allows local attackers to bypass protections designed to prevent execution of malicious content. KEV-listed with EPSS 9.3%, this vulnerability enables attackers to circumvent Office security features like Protected View or macro restrictions through crafted documents. | HIGH | 7.8 | 9.3% | 98 |
KEV
No patch
|
| CVE-2026-21510 | Windows Shell contains a protection mechanism failure (CVE-2026-21510, CVSS 8.8) that allows unauthenticated remote attackers to bypass security features over a network. KEV-listed, this vulnerability in the core Windows Shell component enables remote code execution by circumventing security boundaries designed to prevent execution of untrusted content received from the network. | HIGH | 8.8 | 3.8% | 98 |
KEV
PoC
No patch
|
| CVE-2026-21514 | Microsoft Office Word contains a security decision bypass (CVE-2026-21514, CVSS 7.8) through reliance on untrusted inputs, allowing local attackers to bypass protections when opening malicious documents. KEV-listed, this vulnerability enables document-based attacks that circumvent Word's security features designed to protect users from malicious content. | HIGH | 7.8 | 4.5% | 93 |
KEV
No patch
|
| CVE-2026-21519 | Desktop Window Manager (DWM) in Windows contains a type confusion vulnerability (CVE-2026-21519, CVSS 7.8) that enables authorized local attackers to escalate privileges. KEV-listed, this kernel-level vulnerability in the Windows compositor allows any authenticated user to achieve SYSTEM-level access through exploitation of an incompatible type access in DWM's resource handling. | HIGH | 7.8 | 3.1% | 92 |
KEV
No patch
|
| CVE-2026-21533 | Windows Remote Desktop contains an improper privilege management vulnerability (CVE-2026-21533, CVSS 7.8) enabling authorized local attackers to escalate to SYSTEM. KEV-listed, this vulnerability in the RDP subsystem is particularly concerning in environments where Remote Desktop is widely used, as it can be chained with RDP session access for complete system compromise. | HIGH | 7.8 | 2.7% | 92 |
KEV
PoC
No patch
|
| CVE-2026-21525 | Windows Remote Access Connection Manager contains a null pointer dereference flaw affecting Windows 10 (versions 1809 and 21h2) and Windows 11 (version 23h2) that has been confirmed as actively exploited. A local attacker can trigger a denial of service condition without requiring authentication or user interaction. No patch is currently available for this vulnerability. | MEDIUM | 6.2 | 3.4% | 84 |
KEV
No patch
|
| CVE-2026-20805 | Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenticated users, enabling disclosure of confidential data without modifying or disrupting system functionality. This vulnerability is confirmed actively exploited and affects multiple Windows versions with no patch currently available. An authorized attacker can exploit this with minimal complexity to extract sensitive information from the system. | MEDIUM | 5.5 | 4.8% | 82 |
KEV
No patch
|
| CVE-2026-39912 | Authentication bypass in V2Board 1.6.1-1.7.4 and Xboard ≤0.1.9 enables unauthenticated account takeover including admin privileges. When login_with_mail_link_enable is active, attackers POST known email addresses to the loginWithMailLink endpoint, receiving full authentication URLs in HTTP responses. Tokens extracted from these URLs are exchanged at token2Login for valid bearer tokens granting complete account access. Publicly available exploit code exists. CVSS 9.1 critical severity reflects network-accessible attack with no user interaction required. | CRITICAL | 9.1 | 0.1% | 66 |
PoC
|
| CVE-2026-25172 | Remote code execution in Windows Routing and Remote Access Service (RRAS) across Windows Server 2012, 2022, and 2022 23h2 stems from an integer overflow vulnerability that authenticated network attackers can exploit with user interaction. Public exploit code exists for this vulnerability, enabling attackers to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available. | HIGH | 8.0 | 0.1% | 60 |
PoC
No patch
|
| CVE-2026-25173 | Remote code execution in Windows RRAS affects Windows 10 1607 and Windows Server 2022 23h2 through an integer overflow vulnerability exploitable by authenticated network attackers. Public exploit code exists for this vulnerability, enabling authenticated users to execute arbitrary code with high integrity and confidentiality impact. No patch is currently available, making this a critical exposure for affected Windows environments. | HIGH | 8.0 | 0.1% | 60 |
PoC
No patch
|
| CVE-2026-26111 | Remote code execution in Windows RRAS across Server 2016, 2022, and 2025 via an integer overflow vulnerability allows authenticated attackers to execute arbitrary code over the network with high privileges. Public exploit code exists for this vulnerability, and no patch is currently available. Authenticated users with network access can trigger the vulnerability through a simple interaction to gain complete system compromise. | HIGH | 8.0 | 0.1% | 60 |
PoC
No patch
|
| CVE-2017-20218 | Serviio PRO 1.8 and earlier versions contain an unquoted service path vulnerability combined with insecure directory permissions that allows local authenticated users to escalate privileges to SYSTEM level. A public exploit is available, making this vulnerability easily exploitable by any authenticated user on the system. With a CVSS score of 7.8 and multiple proof-of-concept exploits published, this represents a significant risk for organizations running affected versions. | HIGH | 7.8 | 0.0% | 59 |
PoC
No patch
|
| CVE-2026-30302 | CodeRider-Kilo's command auto-approval module fails to correctly parse Windows CMD escape sequences (^), allowing attackers to bypass its Git command whitelist and achieve arbitrary remote code execution. The vulnerability exploits a mismatch between the Unix-based shell-quote parser used for validation and the actual Windows CMD interpreter behavior, enabling attackers to inject malicious commands through crafted payloads such as git log ^" & malicious_command ^". No public exploit code or active exploitation has been confirmed at the time of analysis. | CRITICAL | 10.0 | 0.4% | 50 |
No patch
|
| CVE-2026-32169 | Azure Cloud Shell contains a server-side request forgery vulnerability that allows unauthenticated remote attackers to escalate privileges without user interaction. The vulnerability affects Microsoft products and has a critical CVSS score of 10.0, though no patch is currently available. Attackers can leverage network access to achieve privilege elevation across system boundaries. | CRITICAL | 10.0 | 0.1% | 50 |
No patch
|