CVE-2026-48574 Windows Media Remote Code Execution Vulnerability

...

CVE-2026-48574

CVE-2026-48574 is a Windows Media vulnerability described as a heap-based buffer overflow that allows an unauthorized attacker to execute code locally. The cited CVSS 3.1 vector (LOCAL, HIGH impact on confidentiality, integrity, and availability; user interaction required; no privileges required)...

EUVD-2026-35587

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally...

CVE-2026-47643

CVE-2026-47643 affects Azure Stack Edge, where external control of a file name or path can let an unauthenticated attacker execute code over the network. The NVD/CVE records describe the impact as remote code execution with high severity (CVSS v3.1: 9.8, NETWORK attack vector, no user interaction...

EUVD-2026-35579

External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network...

CVE-2026-47643 Azure Stack Edge Remote Code Execution Vulnerability

...

CVE-2026-45635

CVE-2026-45635 affects Windows UPnP Device Host through a use-after-free in upnp.dll, enabling remote code execution over the network. The issue is tied to the Universal Plug and Play component, with impact described as remote, unauthenticated code execution; CVSSv3.1 base score 8.1 (HIGH). Affec...

EUVD-2026-35563

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

CVE-2026-45635 Windows UPnP Device Host Remote Code Execution Vulnerability

...

CVE-2026-45636 Windows NTFS Remote Code Execution Vulnerability

...

CVE-2026-45636

The CVE-2026-45636 entries describe a heap-based buffer overflow in Windows NTFS that can allow an unauthenticated attacker to achieve local code execution. Affected software is Windows NTFS (filesystem driver). The underlying cause is a heap-based overflow; impact is high (CVE metrics show Local...

EUVD-2026-35559

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally...

CVE-2026-45636 Windows NTFS Remote Code Execution Vulnerability

...

EUVD-2026-35556

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

CVE-2026-45599

The CVE-2026-45599 entry describes a use-after-free in Windows’ Universal Plug and Play component (upnp.dll) that enables a remote attacker to execute code over the network via the UPnP Device Host. The vulnerability is rated CVSSv3.1: 8.1 (HIGH) with Network attack vector, no privileges required...

CVE-2026-45463

CVE-2026-45463 describes a heap-based buffer overflow in Microsoft Office that allows an attacker with local access to execute code on the affected system. The sources identify Microsoft Office and classify the flaw as a heap-based overflow with high impact (CVSSv3.1: 8.4, LOCAL access, no user i...

CVE-2026-45463 Microsoft Office Remote Code Execution Vulnerability

...

CVE-2026-45457

CVE-2026-45457 affects Microsoft Word (Office). The vulnerability is a pointer dereference in Word that can allow a local attacker to execute code on the affected system after user interaction. Root cause is an untrusted pointer dereference in Word’s handling of certain content. The CVSS base met...

CVE-2026-45457 Microsoft Word Remote Code Execution Vulnerability

...

CVE-2026-45454

CVE-2026-45454 affects Microsoft Office SharePoint with a path traversal flaw: improper limitation of a pathname to a restricted directory, enabling an authorized attacker to execute code over a network (RCE). The provided sources describe the vulnerability and its impact but do not include expli...