1573 matches found
CVE-2026-58628
CVE-2026-58628 affects Windows Wireless Networking and is described as a race condition in concurrent access to a shared resource, allowing an authenticated local attacker to elevate privileges. The underlying issue is improper synchronization that leads to elevation of privileges on Windows syst...
CVE-2026-58617
Technical details about CVE-2026-58617 are not publicly available in the provided documents. Monitor for updates from sources (Microsoft, NVD, CIRCL, EUVD, CVE Catalog) for affected components, impact, and fixes.
CVE-2026-58531
CVE-2026-58531 is a Windows SMB elevation-of-privilege vulnerability caused by a race condition in a shared resource. It affects Windows SMB components and enables an authorized attacker to elevate privileges over the network. CVSS v3.1 base score 7.5 (NETWORK, HIGH impact), per Microsoft’s advis...
CVE-2026-58540
CVE-2026-58540 is a Windows Installer elevation-of-privilege vulnerability. The issue arises from improper authorization in Windows Installer, enabling a locally authenticated attacker to gain elevated privileges. CVSSv3.1 metrics (Microsoft-supplied) indicate a local attack vector, low attack co...
CVE-2026-58538
CVE-2026-58538 describes a heap-based buffer overflow in the Windows Bluetooth Service that enables an authorized, local attacker to elevate privileges. The vulnerability is evidenced in multiple sources (NVD/NCSC/CIRCL) with consistent wording: heap-based overflow in the Bluetooth service leads ...
CVE-2026-58277
CVE-2026-58277 is a Microsoft SharePoint elevation-of-privilege vulnerability (Office SharePoint). The entry cites improper authorization that lets an authenticated attacker elevate privileges over the network. CVSS 3.1 base score 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and ...
CVE-2026-57968
The CVE-2026-57968 entry describes a Buffer over-read in Windows Subsystem for Linux (WSL2) that can enable local privilege escalation for an authorized attacker. Connected sources corroborate a kernel-level issue affecting WSL2; the base CVSS vector indicates LOCAL attack, LOW complexity, with H...
CVE-2026-57096
CVE-2026-57096 affects Windows Routing and Remote Access Service (RRAS). The issue is a heap-based buffer overflow in RRAS that allows an authorized attacker to elevate privileges locally. The CVSSv3.1 base score is 7.8 (HIGH). Exploitation details are not provided beyond local privilege escalati...
CVE-2026-56650
CVE-2026-56650 is a Windows Network File System (NFS) vulnerability. A heap-based buffer overflow in NFS allows an authenticated local attacker to escalate privileges. The CVE entry is supported by multiple sources (NVD/MSRC/CIRCL/NCSC) with consistent description and references. Microsoft has re...
CVE-2026-56647
CVE-2026-56647 is a Windows vulnerability in the Windows Remote Access Service Infrastructure where an integer overflow/wraparound can let an authorized attacker elevate privileges over a network. The affected component is the Windows Remote Access Service Infrastructure, and the root cause is an...
CVE-2026-56194
CVE-2026-56194 : Heap-based buffer overflow in Windows Network File System (NFS) can allow an authorized attacker to elevate privileges over a network. Affected component is Windows NFS Server; root cause described as a heap-based overflow in the NFS networking path. The CVE entry indicates privi...
CVE-2026-56173
CVE-2026-56173 is a use-after-free vulnerability in Windows WebView that allows an authorized local attacker to escalate privileges. The issue is tied to the Windows WebView component and is listed with a high impact (local elevation of privileges) in the CVE entry. Connected sources corroborate ...
CVE-2026-50359
CVE-2026-50359 is a Microsoft XML Core Services elevation-of-privilege vulnerability described as a use-after-free issue. The NVD/NCSC/CIRCL entries confirm local privilege escalation for an authorized user. No exploit vectors are provided in the documents. Microsoft has released updates addressi...
CVE-2026-54125
CVE-2026-54125 affects Windows Runtime and describes a race-condition vulnerability in concurrent execution on a shared resource that enables local privilege elevation for an authenticated attacker. The CVE is rated with CVSSv3.1 base metrics: AV Local, AC Low, PR Low, UI None, S unchanged, C/H/I...
CVE-2026-50683 Windows DHCP Client Elevation of Privilege Vulnerability
...
CVE-2026-50680 Windows Hyper-V Elevation of Privilege Vulnerability
...
CVE-2026-50680
CVE-2026-50680 is a heap-based buffer overflow in Windows Hyper-V that enables local privilege escalation by an authorized attacker. The issue affects Hyper-V and is exploitable locally with high privileges required and no user interaction, per the CVE description and details in connected documen...
CVE-2026-54115 Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability
...
CVE-2026-50677
CVE-2026-50677 is a Windows Media use-after-free vulnerability that enables an authorized, local attacker to elevate privileges. Affected: Windows Media components; root cause: use-after-free in the Windows Media stack. Impact: local privilege escalation (CVSS 3.1/3.1 7.8 HIGH). Mitigation: apply...
CVE-2026-50676
CVE-2026-50676 describes a race condition in Windows Media where concurrent access to a shared resource allows an authorized local attacker to elevate privileges. The initial description and multiple connected sources confirm the vulnerability context and the local, privilege-escalation impact. P...