Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22874
Total
1630
Critical
7150
High
7293
Medium
CVE ID Severity Score Description Published
CVE-2026-45447 HIGH 8.8 Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in … Jun 09, 2026
CVE-2026-45446 MEDIUM 4.8 Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing … Jun 09, 2026
CVE-2026-45445 HIGH 7.5 Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: … Jun 09, 2026
CVE-2026-44824 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44823 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44822 HIGH 8.2 Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. Jun 09, 2026
CVE-2026-44821 MEDIUM 5.5 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. Jun 09, 2026
CVE-2026-44820 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44819 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44818 HIGH 7.0 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44817 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44815 CRITICAL 9.8 Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network. Jun 09, 2026
CVE-2026-44814 MEDIUM 5.5 Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally. Jun 09, 2026
CVE-2026-44813 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44812 HIGH 7.8 Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44811 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44810 HIGH 8.4 Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44809 HIGH 7.8 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44808 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44807 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44805 MEDIUM 5.5 Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally. Jun 09, 2026
CVE-2026-44804 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44803 HIGH 7.8 Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. Jun 09, 2026
CVE-2026-44802 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-44801 HIGH 7.5 Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. Jun 09, 2026