Windows · Build corrective
10.0.19045.7417
Advisory MSRC147 CVE corrigées par cette build, déployée sur 1 SKU Windows.
- Publiée le
- 2026-06-09
- SKU couvertes
- 1
- CVE corrigées
- 147
SKU Windows couvertes par cette build
Les SKU ci-dessous partagent ce numéro de build MSRC. Pousser la KB correspondante les sécurise toutes simultanément.
- KEV CISA
- 0
- Critique
- 8
- Élevé
- 119
- En attente NVD
- 0
CVE corrigées par cette build
| CVE | Sévérité | KEV | Publié | Description |
|---|---|---|---|---|
|
CVE-2026-47291
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. |
CRITICAL 9.8 | — | Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-44815
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network. |
CRITICAL 9.8 | — | Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-42904
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent net… |
CRITICAL 9.6 | — | Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network. | |
|
CVE-2026-45602
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network. |
CRITICAL 9.1 | — | No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network. | |
|
CVE-2025-10263
Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X… |
CRITICAL 9.1 | — | Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C… | |
|
CVE-2026-47653
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 8.8 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-47289
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 8.8 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-42985
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 8.8 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-34329
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
HIGH 8.8 | — | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |
|
CVE-2026-40403
Windows Graphics Component Remote Code Execution Vulnerability |
CRITICAL 8.8 | — | Windows Graphics Component Remote Code Execution Vulnerability | |
|
CVE-2026-45641
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. |
HIGH 8.4 | — | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | |
|
CVE-2026-45607
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. |
HIGH 8.4 | — | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | |
|
CVE-2026-45635
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. |
HIGH 8.1 | — | Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-45599
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. |
HIGH 8.1 | — | Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-40415
Windows TCP/IP Remote Code Execution Vulnerability |
HIGH 8.1 | — | Windows TCP/IP Remote Code Execution Vulnerability | |
|
CVE-2026-48575
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-48576
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-48578
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-48568
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-48570
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-48573
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-47656
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-45588
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. |
HIGH 7.9 | — | Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-8863
Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative pr… |
HIGH 7.8 | — | Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the bo… | |
|
CVE-2026-48583
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-48574
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. |
HIGH 7.8 | — | Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. | |
|
CVE-2026-45658
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a p… |
HIGH 7.8 | — | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | |
|
CVE-2026-45656
Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally. |
HIGH 7.8 | — | Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally. | |
|
CVE-2026-45636
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. |
HIGH 7.8 | — | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | |
|
CVE-2026-45638
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.8 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45637
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45605
Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45592
Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges lo… |
HIGH 7.8 | — | Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45593
Use after free in Windows SDK allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows SDK allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45586
Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an… |
HIGH 7.8 | — | Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileg… | |
|
CVE-2026-45487
Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attac… |
HIGH 7.8 | — | Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-44812
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. |
HIGH 7.8 | — | Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | |
|
CVE-2026-44802
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-44803
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. |
HIGH 7.8 | — | Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | |
|
CVE-2026-42991
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notificatio… |
HIGH 7.8 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elev… | |
|
CVE-2026-42989
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate pri… |
HIGH 7.8 | — | Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42986
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42983
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42980
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges loca… |
HIGH 7.8 | — | Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42978
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notificatio… |
HIGH 7.8 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elev… | |
|
CVE-2026-42977
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notificatio… |
HIGH 7.8 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elev… | |
|
CVE-2026-42979
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notificatio… |
HIGH 7.8 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elev… | |
|
CVE-2026-42916
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges loca… |
HIGH 7.8 | — | Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42905
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42837
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges loc… |
HIGH 7.8 | — | Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42828
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges loc… |
HIGH 7.8 | — | Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-40409
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | |
|
CVE-2026-40404
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | |
|
CVE-2026-41092
Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-33828
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-41088
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows a… |
HIGH 7.8 | — | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privile… | |
|
CVE-2026-40399
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an… |
HIGH 7.8 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileg… | |
|
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges… |
HIGH 7.8 | — | Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-35417
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-34336
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
HIGH 7.8 | — | Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-34330
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX al… |
HIGH 7.8 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate p… | |
|
CVE-2026-33834
Windows Event Logging Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Event Logging Service Elevation of Privilege Vulnerability | |
|
CVE-2026-33841
Windows Kernel Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Kernel Elevation of Privilege Vulnerability | |
|
CVE-2026-34333
Windows Win32k Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Win32k Elevation of Privilege Vulnerability | |
|
CVE-2026-34343
Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability | |
|
CVE-2026-34344
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |
|
CVE-2026-34351
Windows TCP/IP Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows TCP/IP Elevation of Privilege Vulnerability | |
|
CVE-2026-35415
Windows Storage Spaces Controller Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Storage Spaces Controller Elevation of Privilege Vulnerability | |
|
CVE-2026-35418
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-35421
Windows GDI Remote Code Execution Vulnerability |
CRITICAL 7.8 | — | Windows GDI Remote Code Execution Vulnerability | |
|
CVE-2026-40377
Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | |
|
CVE-2026-40407
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-40408
Windows WAN ARP Driver Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows WAN ARP Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-33835
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-33837
Windows TCP/IP Local Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows TCP/IP Local Elevation of Privilege Vulnerability | |
|
CVE-2026-33838
Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability | |
|
CVE-2026-34334
Windows TCP/IP Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows TCP/IP Elevation of Privilege Vulnerability | |
|
CVE-2026-34337
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |
|
CVE-2026-34338
Windows Telephony Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Telephony Service Elevation of Privilege Vulnerability | |
|
CVE-2026-40382
Windows Telephony Service Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Telephony Service Elevation of Privilege Vulnerability | |
|
CVE-2026-40398
Windows Remote Desktop Services Elevation of Privilege Vulnerability |
HIGH 7.8 | — | Windows Remote Desktop Services Elevation of Privilege Vulnerability | |
|
CVE-2026-49160
Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network. |
HIGH 7.5 | — | Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network. | |
|
CVE-2026-48563
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 7.5 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-45639
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. |
HIGH 7.5 | — | Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | |
|
CVE-2026-42992
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 7.5 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-44799
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 7.5 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-44801
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 7.5 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-42993
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 7.5 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-42908
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. |
HIGH 7.5 | — | Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | |
|
CVE-2026-42909
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
HIGH 7.5 | — | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | |
|
CVE-2026-35424
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
HIGH 7.5 | — | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | |
|
CVE-2026-40406
Windows TCP/IP Information Disclosure Vulnerability |
HIGH 7.5 | — | Windows TCP/IP Information Disclosure Vulnerability | |
|
CVE-2026-32161
Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability |
CRITICAL 7.5 | — | Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability | |
|
CVE-2026-40414
Windows TCP/IP Denial of Service Vulnerability |
HIGH 7.4 | — | Windows TCP/IP Denial of Service Vulnerability | |
|
CVE-2026-40413
Windows TCP/IP Denial of Service Vulnerability |
HIGH 7.4 | — | Windows TCP/IP Denial of Service Vulnerability | |
|
CVE-2026-40401
Windows TCP/IP Denial of Service Vulnerability |
HIGH 7.1 | — | Windows TCP/IP Denial of Service Vulnerability | |
|
CVE-2026-47648
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. |
HIGH 7.0 | — | Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45653
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
HIGH 7.0 | — | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45640
Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. |
HIGH 7.0 | — | Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45601
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.0 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45598
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.0 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45603
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.0 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-45596
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.0 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42984
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
HIGH 7.0 | — | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42911
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.0 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-42912
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Servic… |
HIGH 7.0 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to eleva… | |
|
CVE-2026-42836
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Servi… |
HIGH 7.0 | — | Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized atta… | |
|
CVE-2026-41108
Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally. |
HIGH 7.0 | — | Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-34335
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loc… |
HIGH 7.0 | — | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-35416
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows a… |
HIGH 7.0 | — | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privile… | |
|
CVE-2026-34345
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows a… |
HIGH 7.0 | — | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privile… | |
|
CVE-2026-33839
Win32k Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Win32k Elevation of Privilege Vulnerability | |
|
CVE-2026-34331
Win32k Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Win32k Elevation of Privilege Vulnerability | |
|
CVE-2026-34342
Windows Print Spooler Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Print Spooler Elevation of Privilege Vulnerability | |
|
CVE-2026-34347
Windows Win32k Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Win32k Elevation of Privilege Vulnerability | |
|
CVE-2026-40410
Windows SMB Client Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows SMB Client Elevation of Privilege Vulnerability | |
|
CVE-2026-42825
Windows Telephony Service Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Telephony Service Elevation of Privilege Vulnerability | |
|
CVE-2026-34340
Windows Projected File System Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Projected File System Elevation of Privilege Vulnerability | |
|
CVE-2026-34341
Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability |
HIGH 7.0 | — | Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability | |
|
CVE-2026-50507
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a p… |
MEDIUM 6.8 | — | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | |
|
CVE-2026-45608
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. |
MEDIUM 6.8 | — | Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. | |
|
CVE-2026-32170
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. |
MEDIUM 6.7 | — | Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. | |
|
CVE-2026-21530
Windows Rich Text Edit Elevation of Privilege Vulnerability |
HIGH 6.7 | — | Windows Rich Text Edit Elevation of Privilege Vulnerability | |
|
CVE-2026-41097
Secure Boot Security Feature Bypass Vulnerability |
HIGH 6.7 | — | Secure Boot Security Feature Bypass Vulnerability | |
|
CVE-2026-42907
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose i… |
MEDIUM 6.5 | — | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42903
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network. |
MEDIUM 6.5 | — | Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network. | |
|
CVE-2026-35422
Windows TCP/IP Driver Security Feature Bypass Vulnerability |
HIGH 6.5 | — | Windows TCP/IP Driver Security Feature Bypass Vulnerability | |
|
CVE-2026-40380
Windows Volume Manager Extension Driver Remote Code Execution Vulnerability |
HIGH 6.2 | — | Windows Volume Manager Extension Driver Remote Code Execution Vulnerability | |
|
CVE-2026-42915
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent n… |
MEDIUM 5.7 | — | Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network. | |
|
CVE-2026-45606
Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally. |
MEDIUM 5.5 | — | Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally. | |
|
CVE-2026-45634
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. |
MEDIUM 5.5 | — | Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. | |
|
CVE-2026-45594
Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID) Subsystem allows an … |
MEDIUM 5.5 | — | Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose informat… | |
|
CVE-2026-42973
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information local… |
MEDIUM 5.5 | — | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42968
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally. |
MEDIUM 5.5 | — | Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42972
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose… |
MEDIUM 5.5 | — | Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42969
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information local… |
MEDIUM 5.5 | — | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42971
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information local… |
MEDIUM 5.5 | — | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42970
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information local… |
MEDIUM 5.5 | — | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | |
|
CVE-2026-42906
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose i… |
MEDIUM 5.5 | — | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. | |
|
CVE-2026-34339
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability |
HIGH 5.5 | — | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |
|
CVE-2026-45595
Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security fea… |
MEDIUM 5.4 | — | Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network. | |
|
CVE-2026-35423
Windows 11 Telnet Client Information Disclosure Vulnerability |
HIGH 5.4 | — | Windows 11 Telnet Client Information Disclosure Vulnerability | |
|
CVE-2026-45655
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a p… |
MEDIUM 5.3 | — | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | |
|
CVE-2026-42914
Windows Kerberos Denial of Service Vulnerability |
MEDIUM 5.3 | — | Windows Kerberos Denial of Service Vulnerability | |
|
CVE-2026-32209
Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability |
HIGH 4.4 | — | Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability | |
|
CVE-2026-45642
Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an author… |
LOW 3.9 | — | Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a… | |
|
CVE-2025-54518
AMD: CVE-2025-54518 CPU OP Cache Corruption |
HIGH | — | AMD: CVE-2025-54518 CPU OP Cache Corruption |