Vulnerability fixed in Microsoft Developer Tools

Microsoft has fixed a vulnerability in Inbox COM Objects. A malicious party could exploit the vulnerability to execute arbitrary code in the context of the vulnerable application without prior authentication. Inbox Component Object Model COM objects is an architecture for developers to develop...

Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

Microsoft Windows SDK < 10.0.26100.7463 Inbox COM Objects (Global Memory) RCE (January 2026)

The version of Microsoft Windows SDK installed on the remote host is prior to 10.0.26100.7463. It is, therefore, affected by a remote code execution vulnerability: - Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. CVE-2026-21219 Note that Nessus has no...

Microsoft Inbox COM Objects Code Execution Vulnerability

Microsoft Inbox COM Objects is a built-in COM component of the Windows operating system from the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Inbox COM Objects, which can be exploited by an attacker to execute arbitrary code on a system...

CVE-2025-58734

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-59282

Concurrent execution using shared resource with improper synchronization 'race condition' in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58738

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58731

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58732

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58734

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58735

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58730

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58730

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58736 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

CVE-2025-58733

CVE-2025-58733 corresponds to a use-after-free in Inbox COM Objects on Windows that enables local code execution. Connected sources confirm Inbox COM Objects as the vulnerable component and describe the impact as arbitrary code execution by a local attacker. Public advisories from Microsoft and C...

CVE-2025-58734 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

CVE-2025-58733 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

CVE-2025-59282

CVE-2025-59282 affects Inbox COM Objects. The vulnerability is a race condition caused by concurrent access to a shared resource, leading to potential local code execution by an authenticated attacker with local access. The score in public metrics lists a CVSS v3.1 base score of 7.0 (HIGH) with l...

CVE-2025-59282 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

CVE-2025-58735 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...