Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22832
Total
1629
Critical
7118
High
7284
Medium
CVE ID Severity Score Description Published
CVE-2026-45500 MEDIUM 6.1 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45491 MEDIUM 6.2 Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally. Jun 09, 2026
CVE-2026-45490 HIGH 7.8 Improper authorization in .NET allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45487 HIGH 7.8 Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45486 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45485 LOW 3.3 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. Jun 09, 2026
CVE-2026-45484 HIGH 8.8 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. Jun 09, 2026
CVE-2026-45483 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45482 HIGH 8.4 Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a … Jun 09, 2026
CVE-2026-45481 HIGH 7.3 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45479 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45476 HIGH 8.2 Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-45475 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45474 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45472 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45471 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45469 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45468 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45467 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45466 LOW 3.3 Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally. Jun 09, 2026
CVE-2026-45465 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45464 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45463 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-45462 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Jun 09, 2026
CVE-2026-45461 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026