Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

895 matches found

Microsoft CVE
Microsoft CVEadded 2026/04/23 2:0 p.m.2 views

Microsoft Partner Center Elevation of Privilege Vulnerability

Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network...

9.6CVSS5.8AI score0.00063EPSS
Exploits0
CNVD
CNVDadded 2026/04/21 12:0 a.m.4 views

Microsoft PowerShell Elevation of Privilege Vulnerability

Microsoft PowerShell is a Microsoft-developed cross-platform task automation solution that includes a command-line shell, scripting language, and configuration management framework. An elevation of privilege vulnerability exists in Microsoft PowerShell, which is caused by incorrect input validati...

7.8CVSS5.8AI score0.00086EPSS
Exploits0
CNVD
CNVDadded 2026/04/21 12:0 a.m.3 views

Microsoft Windows Shell Elevation of Privilege Vulnerability

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...

7CVSS5.8AI score0.00052EPSS
Exploits0
EUVD
EUVDadded 2026/04/16 9:31 a.m.1 views

EUVD-2026-23217

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS5.8AI score0.00006EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/16 12:0 a.m.1 views

PT-2026-33299

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS5.8AI score0.00006EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/14 6:30 p.m.0 views

EUVD-2026-22390

Double free in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00057EPSS
Exploits0References2
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.1 views

Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00057EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.1 views

Windows UPnP Device Host Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00057EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.1 views

Windows Kernel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS6.5AI score0.00057EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.2 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS6.4AI score0.00047EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.4 views

Microsoft Brokering File System Elevation of Privilege Vulnerability

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00051EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.2 views

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Function Discovery Service fdwsd.dll allows an authorized attacker to elevate privileges locally...

7CVSS6.4AI score0.00047EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.3 views

Windows Speech Runtime Elevation of Privilege Vulnerability

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00051EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.1 views

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

7.8CVSS6.3AI score0.00057EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/14 12:0 a.m.0 views

PT-2026-32758

Name of the Vulnerable Software and Affected Versions Microsoft Brokering File System affected versions not specified Description A use after free issue in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. Use after free is a memory corruption flaw that...

7.8CVSS6.1AI score0.00051EPSS
Exploits0References5
CVE
CVEadded 2026/04/01 12:18 p.m.3 views

CVE-2026-22768

Dell AppSync, version 4.6.0, contains an Incorrect Permission Assignment for a Critical Resource vulnerability. A low-privileged attacker with local access could exploit this to achieve Elevation of Privileges. CVSS v3.1 indicates Local attack vector, Low attack complexity, Privileges Required: L...

7.3CVSS5.9AI score0.00005EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2026/03/20 3:31 p.m.3 views

EUVD-2026-13704

OpenClaw versions prior to 2026.3.12 contain an authorization bypass vulnerability in the WebSocket connect path that allows shared-token or password-authenticated connections to self-declare elevated scopes without server-side binding. Attackers can exploit this logic flaw to present unauthorize...

9.9CVSS5.8AI score0.00021EPSS
Exploits0References3
CVE
CVEadded 2026/03/16 5:28 p.m.6 views

CVE-2026-23862

CVE-2026-23862 affects Dell ThinOS 10 versions prior to ThinOS 2602_10.0573. The vulnerability is an Improper Neutralization of Special Elements in a Command (command injection) that could be exploited by a low-privileged local attacker to achieve Elevation of Privileges. The impact is high for c...

7.8CVSS5.8AI score0.00084EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/03/16 5:28 p.m.20 views

CVE-2026-23862

Dell ThinOS 10 versions prior to ThinOS 260210.0573, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

7.8CVSS0.00084EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/16 12:0 a.m.2 views

PT-2026-25788

Dell ThinOS 10 versions prior to ThinOS 2602 10.0573, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

7.8CVSS5.8AI score0.00084EPSS
Exploits0References2
Rows per page
Query Builder