Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22832
Total
1629
Critical
7118
High
7284
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-47281 | CRITICAL | 9.6 | Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. | Jun 09, 2026 |
| CVE-2026-46492 | HIGH | 7.2 | md-fileserver allows for local viewing of markdown files in a browser. Prior to version 1.10.3, a cross-site scripting (XSS) vulnerability exists in the application’s Markdown … | Jun 09, 2026 |
| CVE-2026-45771 | HIGH | 7.5 | FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … | Jun 09, 2026 |
| CVE-2026-45658 | HIGH | 7.8 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | Jun 09, 2026 |
| CVE-2026-45657 | CRITICAL | 9.8 | Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-45656 | HIGH | 7.8 | Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally. | Jun 09, 2026 |
| CVE-2026-45655 | MEDIUM | 5.3 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | Jun 09, 2026 |
| CVE-2026-45654 | HIGH | 7.9 | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | Jun 09, 2026 |
| CVE-2026-45653 | HIGH | 7.0 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-45650 | MEDIUM | 4.3 | User interface (ui) misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network. | Jun 09, 2026 |
| CVE-2026-45649 | HIGH | 7.1 | Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally. | Jun 09, 2026 |
| CVE-2026-45648 | HIGH | 8.8 | Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-45647 | MEDIUM | 5.5 | Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-45645 | HIGH | 7.8 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | Jun 09, 2026 |
| CVE-2026-45644 | HIGH | 8.0 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a … | Jun 09, 2026 |
| CVE-2026-45643 | HIGH | 7.8 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Jun 09, 2026 |
| CVE-2026-45642 | LOW | 3.9 | Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack. | Jun 09, 2026 |
| CVE-2026-45641 | HIGH | 8.4 | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | Jun 09, 2026 |
| CVE-2026-45640 | HIGH | 7.0 | Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-45639 | HIGH | 7.5 | Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | Jun 09, 2026 |
| CVE-2026-45638 | HIGH | 7.8 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-45637 | HIGH | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-45636 | HIGH | 7.8 | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | Jun 09, 2026 |
| CVE-2026-45635 | HIGH | 8.1 | Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-45634 | MEDIUM | 5.5 | Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. | Jun 09, 2026 |