Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10557
Total
721
Critical
3059
High
3365
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-34347 | HIGH | 7.0 | Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34345 | HIGH | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34344 | HIGH | 7.8 | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34343 | HIGH | 7.8 | Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34342 | HIGH | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34341 | HIGH | 7.0 | Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34340 | HIGH | 7.0 | Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34339 | MEDIUM | 5.5 | Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally. | May 12, 2026 |
| CVE-2026-34338 | HIGH | 7.8 | Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34337 | HIGH | 7.8 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34336 | HIGH | 7.8 | Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally. | May 12, 2026 |
| CVE-2026-34334 | HIGH | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34333 | HIGH | 7.8 | Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34332 | HIGH | 8.0 | Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network. | May 12, 2026 |
| CVE-2026-34331 | HIGH | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34330 | HIGH | 7.8 | Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-34329 | HIGH | 8.8 | Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. | May 12, 2026 |
| CVE-2026-33841 | HIGH | 7.8 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33840 | HIGH | 7.8 | Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33839 | HIGH | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33838 | HIGH | 7.8 | Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33837 | HIGH | 7.8 | Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33835 | HIGH | 7.8 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33834 | HIGH | 7.8 | Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally. | May 12, 2026 |
| CVE-2026-33833 | HIGH | 8.2 | Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over … | May 12, 2026 |