Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22832
Total
1629
Critical
7118
High
7284
Medium
CVE ID Severity Score Description Published
CVE-2026-47281 CRITICAL 9.6 Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. Jun 09, 2026
CVE-2026-46492 HIGH 7.2 md-fileserver allows for local viewing of markdown files in a browser. Prior to version 1.10.3, a cross-site scripting (XSS) vulnerability exists in the application’s Markdown … Jun 09, 2026
CVE-2026-45771 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. … Jun 09, 2026
CVE-2026-45658 HIGH 7.8 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Jun 09, 2026
CVE-2026-45657 CRITICAL 9.8 Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network. Jun 09, 2026
CVE-2026-45656 HIGH 7.8 Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally. Jun 09, 2026
CVE-2026-45655 MEDIUM 5.3 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Jun 09, 2026
CVE-2026-45654 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. Jun 09, 2026
CVE-2026-45653 HIGH 7.0 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45650 MEDIUM 4.3 User interface (ui) misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45649 HIGH 7.1 Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally. Jun 09, 2026
CVE-2026-45648 HIGH 8.8 Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network. Jun 09, 2026
CVE-2026-45647 MEDIUM 5.5 Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45645 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45644 HIGH 8.0 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a … Jun 09, 2026
CVE-2026-45643 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45642 LOW 3.9 Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack. Jun 09, 2026
CVE-2026-45641 HIGH 8.4 Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45640 HIGH 7.0 Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45639 HIGH 7.5 Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. Jun 09, 2026
CVE-2026-45638 HIGH 7.8 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45637 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45636 HIGH 7.8 Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45635 HIGH 8.1 Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. Jun 09, 2026
CVE-2026-45634 MEDIUM 5.5 Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. Jun 09, 2026