CVE-2026-48574 Windows Media Remote Code Execution Vulnerability

...

CVE-2026-48574

creationtimestamp| type| source ---|---|--- 2026-06-09 15:44:28+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

CVE-2025-48574

creationtimestamp| type| source ---|---|--- 2026-03-03 08:00:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mg5ch2v6px2c...

CVE-2025-48574

In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48574

In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-48574

creationtimestamp| type| source ---|---|--- 2024-01-06 11:26:14+00:00| seen| https://t.me/ctinow/163911...

CVE-2023-48574

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

CVE-2023-48574

CVE-2023-48574 concerns Adobe Experience Manager (AEM) versions 6.5.18 and earlier. The issue is a stored Cross-Site Scripting (XSS) vulnerability that a low-privileged attacker could exploit by injecting malicious scripts into vulnerable form fields, leading to malicious JavaScript execution in ...