Lucene search
K

1258584 matches found

CVE
CVE
added yesterday6 views

CVE-2026-57968

The CVE-2026-57968 entry describes a Buffer over-read in Windows Subsystem for Linux (WSL2) that can enable local privilege escalation for an authorized attacker. Connected sources corroborate a kernel-level issue affecting WSL2; the base CVSS vector indicates LOCAL attack, LOW complexity, with H...

7.8CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57096

CVE-2026-57096 affects Windows Routing and Remote Access Service (RRAS). The issue is a heap-based buffer overflow in RRAS that allows an authorized attacker to elevate privileges locally. The CVSSv3.1 base score is 7.8 (HIGH). Exploitation details are not provided beyond local privilege escalati...

7.8CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-57093

CVE-2026-57093 – Windows Ancillary Function Driver for WinSock is a reported use-after-free vulnerability in the WinSock ancillary function driver that can be exploited locally to achieve privilege escalation. The issue affects the specific Windows driver handling WinSock operations; successful e...

7CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday3 views

CVE-2026-57089

CVE-2026-57089 affects the Windows SMB Server Network Transport Driver (srvnet.sys). It is a use-after-free vulnerability in srvnet.sys that could allow an unauthenticated attacker to execute code remotely over a network (remote code execution). The CVSSv3.1 base score is 7.5 (HIGH) with Network ...

7.5CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-57090

CVE-2026-57090 is a heap-based buffer overflow in Microsoft Windows Media Foundation that enables remote code execution by an unauthenticated attacker over a network. The NVD entry lists a high risk (CVSSv3.1: 8.8) with network attack vector and user interaction not required. Public sources in co...

8.8CVSS6.3AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-56648

CVE-2026-56648 is a Windows Network File System (NFS) server vulnerability described as a time-of-check time-of-use (TOCTOU) race condition that could allow an authorized attacker to elevate privileges over the network. Public sources identify the root cause as a TOCTOU race in NFS and classify t...

7.5CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday27 views

CVE-2026-56188

CVE-2026-56188: A race-condition in the Windows Server Network driver (concurrent access to a shared resource) can allow an unauthenticated attacker to execute code over the network. The vulnerability affects the Windows Server Network driver and is described as a remote code execution flaw with ...

9.8CVSS6.3AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-56186

CVE-2026-56186 is a Windows Schannel vulnerability described as an out-of-bounds read that enables an authorized attacker to disclose information over a network. The CVE affects the Windows Schannel security component and is rated with CVSS v3.1 base score 8.1 (High) and NETWORK attack vector wit...

8.1CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-56184

CVE-2026-56184 describes a local information disclosure in Windows Win32K, enabling an authorized attacker to disclose sensitive information locally. The NVD entry notes a medium severity (CVSS v3.1: 5.5) with local access and low attack complexity but high confidentiality impact. Public details ...

5.5CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday6 views

CVE-2026-56183

CVE-2026-56183 is a use-after-free vulnerability in the Windows MIDI Service Module that permits a locally authenticated attacker to achieve elevation of privileges. Affected component: Windows MIDI Service Module (CVE-2026-56183) with local attack vector and high impact (CVE described as Elevati...

7CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday19 views

CVE-2026-56190

CVE-2026-56190 is a Windows Remote Desktop Protocol vulnerability described as a use of an uninitialized resource in Windows RDP that allows an unauthenticated attacker to execute code over the network. The CVE has a very high severity (CVSSv3.1 base score 9.8, CRITICAL) and is referenced in Micr...

9.8CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-56182

CVE-2026-56182 is a Windows NTFS elevation-of-privilege vulnerability caused by an integer overflow/wraparound in NTFS operations that can be exploited by an authorized local attacker. Public sources in the connected data corroborate the root cause and the affected component is NTFS on Windows. T...

7.8CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-56175

CVE-2026-56175 describes a heap-based buffer overflow in Windows NTFS that allows an authorized, local attacker to elevate privileges. Connected sources (Microsoft MSRC update, NVD, NTFS/CIRCL sightings) confirm the vulnerability is in Windows NTFS, with local-privilege-escalation potential and a...

7.8CVSS6.1AI score
Exploits0References1
Vulnrichment
Vulnrichment
added yesterday3 views

CVE-2026-50359 Microsoft XML Core Services Elevation of Privilege Vulnerability

...

7CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-56156

CVE-2026-56156 is a heap-based buffer overflow in Microsoft Office Excel that enables local code execution. The affected software is Microsoft Office Excel (component of Office). Root cause described as a heap-based buffer overflow allowing an attacker to run code locally; exploitation requires l...

7.8CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday3 views

CVE-2026-55947

CVE-2026-55947 is a Microsoft Excel vulnerability described as a heap-based buffer overflow in Microsoft Office Excel that enables local code execution. Affected product: Microsoft Office Excel (Office suite). Root cause: heap-based buffer overflow in Excel components, leading to arbitrary code e...

7.8CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-55145

CVE-2026-55145 : Outlook Copilot is affected by a command-injection vulnerability due to improper neutralization of special elements in a command. An authorized attacker can tamper over a network, with network access, low privileges, and user interaction required; confidentiality impact is High, ...

6.3CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-55142

Microsoft Word within Office is affected by CVE-2026-55142 due to a numeric truncation error that can disclose information locally. Exploitation is local with required user interaction; the advisory notes a security update from Microsoft as remediation. References to July 2026 Office advisories c...

5.5CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-55140

CVE-2026-55140 is a Microsoft Office remote code execution vulnerability caused by a heap-based buffer overflow in Office components. An unauthorized attacker could exploit this locally to run arbitrary code on a vulnerable system, as described in multiple security sources. Connected documents co...

7.8CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday3 views

CVE-2026-55051

CVE-2026-55051 is a Server-Side Request Forgery (SSRF) vulnerability in Microsoft Office SharePoint that allows an authorized attacker to disclose information over a network. The CVE is documented with CVSS v3.1 base score 6.5 (MEDIUM), network attack vector, low attack complexity, privileges req...

6.5CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder