Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10338
Total
705
Critical
2973
High
3268
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-35439 | HIGH | 8.8 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | May 12, 2026 |
| CVE-2026-35438 | HIGH | 8.3 | Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | May 12, 2026 |
| CVE-2026-35436 | HIGH | 8.8 | Insufficient granularity of access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-35433 | HIGH | 7.3 | Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-35429 | MEDIUM | 4.3 | User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | May 12, 2026 |
| CVE-2026-35424 | HIGH | 7.5 | Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network. | May 12, 2026 |
| CVE-2026-35423 | MEDIUM | 5.4 | Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network. | May 12, 2026 |
| CVE-2026-35422 | MEDIUM | 6.5 | Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network. | May 12, 2026 |
| CVE-2026-35421 | HIGH | 7.8 | Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally. | May 12, 2026 |
| CVE-2026-35420 | HIGH | 7.8 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-35419 | MEDIUM | 5.5 | Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally. | May 12, 2026 |
| CVE-2026-35418 | HIGH | 7.8 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-35417 | HIGH | 7.8 | Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-35416 | HIGH | 7.0 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-35415 | HIGH | 7.8 | Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34687 | HIGH | 7.8 | Illustrator versions 29.8.6, 30.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of … | May 12, 2026 |
| CVE-2026-34676 | HIGH | 7.8 | Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | May 12, 2026 |
| CVE-2026-34675 | HIGH | 7.8 | Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | May 12, 2026 |
| CVE-2026-34663 | MEDIUM | 5.5 | Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage … | May 12, 2026 |
| CVE-2026-34662 | MEDIUM | 5.5 | Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit … | May 12, 2026 |
| CVE-2026-34661 | HIGH | 7.8 | Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the … | May 12, 2026 |
| CVE-2026-34644 | HIGH | 7.8 | After Effects versions 26.0, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the … | May 12, 2026 |
| CVE-2026-34643 | HIGH | 7.8 | After Effects versions 26.0, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | May 12, 2026 |
| CVE-2026-34642 | HIGH | 7.8 | After Effects versions 26.0, 25.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … | May 12, 2026 |
| CVE-2026-34640 | HIGH | 7.8 | Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the … | May 12, 2026 |