Windows · Fixed build
10.0.25398.2274
MSRC advisory122 CVEs fixed by this build, deployed across 1 Windows SKUs.
- Published on
- 2019-07-09
- SKUs covered
- 1
- CVEs fixed
- 122
Windows SKUs covered by this build
The SKUs below share this MSRC build number. Deploying the corresponding KB secures all of them at once.
- CISA KEV
- 1
- Critical
- 4
- High
- 117
- NVD pending
- 0
CVEs fixed by this build
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2026-32202
KEV
Windows Shell Spoofing Vulnerability |
HIGH 4.3 | KEV | Windows Shell Spoofing Vulnerability | |
|
CVE-2026-33824
Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability |
CRITICAL 9.8 | — | Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability | |
|
CVE-2026-26167
Windows Push Notifications Elevation of Privilege Vulnerability |
HIGH 8.8 | — | Windows Push Notifications Elevation of Privilege Vulnerability | |
|
CVE-2026-32157
Remote Desktop Client Remote Code Execution Vulnerability |
CRITICAL 8.8 | — | Remote Desktop Client Remote Code Execution Vulnerability | |
|
CVE-2026-26178
Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability |
HIGH 8.8 | — | Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability | |
|
CVE-2026-32225
Windows Shell Security Feature Bypass Vulnerability |
HIGH 8.8 | — | Windows Shell Security Feature Bypass Vulnerability | |
|
CVE-2026-27928
Windows Hello Security Feature Bypass Vulnerability |
HIGH 8.7 | — | Windows Hello Security Feature Bypass Vulnerability | |
|
CVE-2026-32091
Microsoft Brokering File System Elevation of Privilege Vulnerability |
HIGH 8.4 | — | Microsoft Brokering File System Elevation of Privilege Vulnerability | |
|
CVE-2026-32162
Windows COM Elevation of Privilege Vulnerability |
HIGH 8.4 | — | Windows COM Elevation of Privilege Vulnerability | |
|
CVE-2026-33827
Windows TCP/IP Remote Code Execution Vulnerability |
CRITICAL 8.1 | — | Windows TCP/IP Remote Code Execution Vulnerability | |
|
CVE-2026-33826
Windows Active Directory Remote Code Execution Vulnerability |
CRITICAL 8.0 | — | Windows Active Directory Remote Code Execution Vulnerability | |
|
CVE-2026-27912
Windows Kerberos Elevation of Privilege Vulnerability |
HIGH 8.0 | — | Windows Kerberos Elevation of Privilege Vulnerability | |
|
CVE-2026-20930
Windows Management Services Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Management Services Elevation of Privilege Vulnerability | |
|
CVE-2026-26160
Remote Desktop Licensing Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Remote Desktop Licensing Service Elevation of Privilege Vulnerability | |
|
CVE-2026-26161
Windows Sensor Data Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Sensor Data Service Elevation of Privilege Vulnerability | |
|
CVE-2026-26162
Windows OLE Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows OLE Elevation of Privilege Vulnerability | |
|
CVE-2026-26179
Windows Kernel Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Kernel Elevation of Privilege Vulnerability | |
|
CVE-2026-26180
Windows Kernel Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Kernel Elevation of Privilege Vulnerability | |
|
CVE-2026-26181
Microsoft Brokering File System Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Microsoft Brokering File System Elevation of Privilege Vulnerability | |
|
CVE-2026-26183
Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability | |
|
CVE-2026-27907
Windows Storage Spaces Controller Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Storage Spaces Controller Elevation of Privilege Vulnerability | |
|
CVE-2026-27915
Windows UPnP Device Host Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows UPnP Device Host Elevation of Privilege Vulnerability | |
|
CVE-2026-27918
Windows Shell Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Shell Elevation of Privilege Vulnerability | |
|
CVE-2026-27919
Windows UPnP Device Host Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows UPnP Device Host Elevation of Privilege Vulnerability | |
|
CVE-2026-27924
Desktop Window Manager Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Desktop Window Manager Elevation of Privilege Vulnerability | |
|
CVE-2026-27927
Windows Projected File System Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Projected File System Elevation of Privilege Vulnerability | |
|
CVE-2026-32089
Windows Speech Brokered Api Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Speech Brokered Api Elevation of Privilege Vulnerability | |
|
CVE-2026-32090
Windows Speech Brokered Api Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Speech Brokered Api Elevation of Privilege Vulnerability | |
|
CVE-2026-32152
Desktop Window Manager Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Desktop Window Manager Elevation of Privilege Vulnerability | |
|
CVE-2026-32154
Desktop Window Manager Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Desktop Window Manager Elevation of Privilege Vulnerability | |
|
CVE-2026-32158
Windows Push Notifications Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Push Notifications Elevation of Privilege Vulnerability | |
|
CVE-2026-32159
Windows Push Notifications Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Push Notifications Elevation of Privilege Vulnerability | |
|
CVE-2026-32160
Windows Push Notifications Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Push Notifications Elevation of Privilege Vulnerability | |
|
CVE-2026-32165
Windows User Interface Core Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows User Interface Core Elevation of Privilege Vulnerability | |
|
CVE-2026-33098
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-26153
Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability | |
|
CVE-2026-26156
Windows Hyper-V Remote Code Execution Vulnerability |
HIGH 7.8 | — | Windows Hyper-V Remote Code Execution Vulnerability | |
|
CVE-2026-26159
Remote Desktop Licensing Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Remote Desktop Licensing Service Elevation of Privilege Vulnerability | |
|
CVE-2026-26163
Windows Kernel Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Kernel Elevation of Privilege Vulnerability | |
|
CVE-2026-26170
PowerShell Elevation of Privilege Vulnerability |
HIGH 7.8 | — | PowerShell Elevation of Privilege Vulnerability | |
|
CVE-2026-26172
Windows Push Notifications Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Push Notifications Elevation of Privilege Vulnerability | |
|
CVE-2026-26176
Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability | |
|
CVE-2026-26184
Windows Projected File System Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Projected File System Elevation of Privilege Vulnerability | |
|
CVE-2026-27909
Windows Search Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Search Service Elevation of Privilege Vulnerability | |
|
CVE-2026-27910
Windows Installer Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Installer Elevation of Privilege Vulnerability | |
|
CVE-2026-27911
Windows User Interface Core Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows User Interface Core Elevation of Privilege Vulnerability | |
|
CVE-2026-27914
Microsoft Management Console Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Microsoft Management Console Elevation of Privilege Vulnerability | |
|
CVE-2026-27916
Windows UPnP Device Host Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows UPnP Device Host Elevation of Privilege Vulnerability | |
|
CVE-2026-27920
Windows UPnP Device Host Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows UPnP Device Host Elevation of Privilege Vulnerability | |
|
CVE-2026-27923
Desktop Window Manager Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Desktop Window Manager Elevation of Privilege Vulnerability | |
|
CVE-2026-32069
Windows Projected File System Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Projected File System Elevation of Privilege Vulnerability | |
|
CVE-2026-32074
Windows Projected File System Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Projected File System Elevation of Privilege Vulnerability | |
|
CVE-2026-32076
Windows Storage Spaces Controller Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Storage Spaces Controller Elevation of Privilege Vulnerability | |
|
CVE-2026-32077
Windows UPnP Device Host Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows UPnP Device Host Elevation of Privilege Vulnerability | |
|
CVE-2026-32155
Desktop Window Manager Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Desktop Window Manager Elevation of Privilege Vulnerability | |
|
CVE-2026-32163
Windows User Interface Core Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows User Interface Core Elevation of Privilege Vulnerability | |
|
CVE-2026-32164
Windows User Interface Core Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows User Interface Core Elevation of Privilege Vulnerability | |
|
CVE-2026-33101
Windows Print Spooler Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Print Spooler Elevation of Privilege Vulnerability | |
|
CVE-2026-32078
Windows Projected File System Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Projected File System Elevation of Privilege Vulnerability | |
|
CVE-2026-32183
Windows Snipping Tool Remote Code Execution Vulnerability |
HIGH 7.8 | — | Windows Snipping Tool Remote Code Execution Vulnerability | |
|
CVE-2026-26168
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-27913
Windows BitLocker Security Feature Bypass Vulnerability |
HIGH 7.7 | — | Windows BitLocker Security Feature Bypass Vulnerability | |
|
CVE-2026-26154
Windows Server Update Service (WSUS) Tampering Vulnerability |
HIGH 7.5 | — | Windows Server Update Service (WSUS) Tampering Vulnerability | |
|
CVE-2026-32071
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
HIGH 7.5 | — | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | |
|
CVE-2026-33096
HTTP.sys Denial of Service Vulnerability |
HIGH 7.5 | — | HTTP.sys Denial of Service Vulnerability | |
|
CVE-2026-32156
Windows UPnP Device Host Remote Code Execution Vulnerability |
HIGH 7.4 | — | Windows UPnP Device Host Remote Code Execution Vulnerability | |
|
CVE-2026-32149
Windows Hyper-V Remote Code Execution Vulnerability |
HIGH 7.3 | — | Windows Hyper-V Remote Code Execution Vulnerability | |
|
CVE-2026-26151
Remote Desktop Spoofing Vulnerability |
HIGH 7.1 | — | Remote Desktop Spoofing Vulnerability | |
|
CVE-2025-65018
LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` |
HIGH 7.1 | — | LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` | |
|
CVE-2025-64720
LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication |
HIGH 7.1 | — | LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication | |
|
CVE-2026-25184
Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability | |
|
CVE-2026-26165
Windows Shell Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Shell Elevation of Privilege Vulnerability | |
|
CVE-2026-26166
Windows Shell Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Shell Elevation of Privilege Vulnerability | |
|
CVE-2026-26174
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | |
|
CVE-2026-27908
Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability | |
|
CVE-2026-27917
Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability | |
|
CVE-2026-27921
Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability | |
|
CVE-2026-27926
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-27929
Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-32073
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-32075
Windows UPnP Device Host Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows UPnP Device Host Elevation of Privilege Vulnerability | |
|
CVE-2026-32082
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | |
|
CVE-2026-32083
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | |
|
CVE-2026-32087
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | |
|
CVE-2026-32093
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | |
|
CVE-2026-26152
Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | |
|
CVE-2026-26173
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-26177
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-26182
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-27922
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-32068
Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | |
|
CVE-2026-32070
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-32080
Windows WalletService Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows WalletService Elevation of Privilege Vulnerability | |
|
CVE-2026-32086
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | |
|
CVE-2026-32150
Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | |
|
CVE-2026-33099
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-33100
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-33104
Win32k Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Win32k Elevation of Privilege Vulnerability | |
|
CVE-2026-26155
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability |
HIGH 6.5 | — | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |
|
CVE-2026-27925
Windows UPnP Device Host Information Disclosure Vulnerability |
HIGH 6.5 | — | Windows UPnP Device Host Information Disclosure Vulnerability | |
|
CVE-2026-32151
Windows Shell Information Disclosure Vulnerability |
HIGH 6.5 | — | Windows Shell Information Disclosure Vulnerability | |
|
CVE-2026-32072
Active Directory Spoofing Vulnerability |
HIGH 6.2 | — | Active Directory Spoofing Vulnerability | |
|
CVE-2026-26169
Windows Kernel Memory Information Disclosure Vulnerability |
HIGH 6.1 | — | Windows Kernel Memory Information Disclosure Vulnerability | |
|
CVE-2026-32088
Windows Biometric Service Security Feature Bypass Vulnerability |
HIGH 6.1 | — | Windows Biometric Service Security Feature Bypass Vulnerability | |
|
CVE-2026-25250
MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix |
HIGH 6.0 | — | MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix | |
|
CVE-2026-23670
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability |
HIGH 5.7 | — | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | |
|
CVE-2026-27931
Windows GDI Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows GDI Information Disclosure Vulnerability | |
|
CVE-2026-32081
Package Catalog Information Disclosure Vulnerability |
HIGH 5.5 | — | Package Catalog Information Disclosure Vulnerability | |
|
CVE-2026-32085
Remote Procedure Call Information Disclosure Vulnerability |
HIGH 5.5 | — | Remote Procedure Call Information Disclosure Vulnerability | |
|
CVE-2026-32181
Connected User Experiences and Telemetry Service Denial of Service Vulnerability |
HIGH 5.5 | — | Connected User Experiences and Telemetry Service Denial of Service Vulnerability | |
|
CVE-2026-32215
Windows Kernel Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows Kernel Information Disclosure Vulnerability | |
|
CVE-2026-32217
Windows Kernel Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows Kernel Information Disclosure Vulnerability | |
|
CVE-2026-32218
Windows Kernel Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows Kernel Information Disclosure Vulnerability | |
|
CVE-2026-32212
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability |
HIGH 5.5 | — | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | |
|
CVE-2026-20806
Windows COM Server Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows COM Server Information Disclosure Vulnerability | |
|
CVE-2026-27930
Windows GDI Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows GDI Information Disclosure Vulnerability | |
|
CVE-2026-32079
Web Account Manager Information Disclosure Vulnerability |
HIGH 5.5 | — | Web Account Manager Information Disclosure Vulnerability | |
|
CVE-2026-32084
Windows Print Spooler Information Disclosure Vulnerability |
HIGH 5.5 | — | Windows Print Spooler Information Disclosure Vulnerability | |
|
CVE-2026-32214
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability |
HIGH 5.5 | — | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | |
|
CVE-2026-26175
Windows Boot Manager Security Feature Bypass Vulnerability |
HIGH 4.6 | — | Windows Boot Manager Security Feature Bypass Vulnerability | |
|
CVE-2026-20928
Windows Recovery Environment Security Feature Bypass Vulnerability |
HIGH 4.6 | — | Windows Recovery Environment Security Feature Bypass Vulnerability | |
|
CVE-2026-33829
Windows Snipping Tool Spoofing Vulnerability |
MEDIUM 4.3 | — | Windows Snipping Tool Spoofing Vulnerability |