Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22874
Total
1630
Critical
7150
High
7293
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-44799 | HIGH | 7.5 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42993 | HIGH | 7.5 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42992 | HIGH | 7.5 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42991 | HIGH | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42989 | HIGH | 7.8 | Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42987 | HIGH | 8.1 | Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42986 | HIGH | 7.8 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42985 | HIGH | 8.8 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42984 | HIGH | 7.0 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42983 | HIGH | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42981 | HIGH | 8.1 | Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42980 | HIGH | 7.8 | Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42979 | HIGH | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42978 | HIGH | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42977 | HIGH | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42974 | HIGH | 8.1 | Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. | Jun 09, 2026 |
| CVE-2026-42973 | MEDIUM | 5.5 | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 09, 2026 |
| CVE-2026-42972 | MEDIUM | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally. | Jun 09, 2026 |
| CVE-2026-42971 | MEDIUM | 5.5 | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 09, 2026 |
| CVE-2026-42970 | MEDIUM | 5.5 | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 09, 2026 |
| CVE-2026-42969 | MEDIUM | 5.5 | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 09, 2026 |
| CVE-2026-42968 | MEDIUM | 5.5 | Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally. | Jun 09, 2026 |
| CVE-2026-42916 | HIGH | 7.8 | Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-42915 | MEDIUM | 5.7 | Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network. | Jun 09, 2026 |
| CVE-2026-42914 | MEDIUM | 5.3 | Windows Kerberos Denial of Service Vulnerability | Jun 09, 2026 |