CVE-2026-42974

CVE-2026-42974 affects Windows Performance Monitor. The issue is an Integer underflow (wrap/wraparound) in a component used by Performance Monitor, enabling a remote attacker to execute code over a network. Exploitation details are not provided in the documents; the CVSS base score is 8.1 (Networ...

EUVD-2026-35600

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-42916

The CVE-2026-42916 entry describes an Integer underflow in the Windows NT OS Kernel that enables local privilege escalation for an authorized attacker. Affected: Windows NT OS Kernel (kernel-level component). Root cause: wrap/underflow during arithmetic in the kernel. Impact: high across confiden...

CVE-2026-42980

The CVE-2026-42980 entry describes an integer underflow (wrap or wraparound) in the Windows NT OS Kernel that allows an authorized, local attacker to elevate privileges. Affected component: Windows NT OS Kernel; root cause: numeric underflow leading to improper bounds/flow control, enabling privi...

EUVD-2026-35598

Integer underflow wrap or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally...

EUVD-2026-35550

Integer overflow or wraparound in Windows Internet wininet.dll allows an authorized attacker to elevate privileges locally...

CVE-2026-45592

CVE-2026-45592 describes an integer overflow/wraparound in Windows Internet (wininet.dll) that enables local privilege escalation for an authorized attacker. The CVSS 3.1 metrics indicate a HIGH impact across confidentiality, integrity, and availability, with a LOCAL attack vector, LOW privileges...

CVE-2026-47288

CVE-2026-47288 affects Windows Kerberos Key Distribution Center (KDC). The vulnerability is an integer overflow/wraparound in the Kerberos code, enabling an authorized attacker on an adjacent network to execute code. The CVE has a CVSSv3.1 score of 7.1 ( HIGH ) with attack vector Adjacent, high i...

CVE-2026-44823

The CVE-2026-44823 entry concerns an integer underflow (wrap or wraparound) in Microsoft Office Excel that could allow an attacker to execute code locally. Affected product: Microsoft Excel within Microsoft Office. The vulnerability is described as enabling local code execution with attack vector...

CVE-2026-44820

CVE-2026-44820 affects Microsoft Excel in Office. An integer underflow (wrap/wraparound) in Excel can allow a local attacker to execute code on the affected host. Exploitation requires local access and user interaction; no remote vector is indicated. The CVSS 3.1 base score is 7.8 (HIGH) with imp...

CVE-2026-44818

CVE-2026-44818 affects Microsoft Excel. A integer underflow (wrap/wraparound) in Excel is described as allowing an unauthorized attacker to execute code locally. The associated CVSS 3.1 vector indicates Local attack vector, high impact on confidentiality, integrity, and availability, with High pr...

CVE-2026-44817

CVE-2026-44817 is an Excel vulnerability: an integer underflow (wrap/wraparound) in Microsoft Excel could allow a local attacker to execute code. Exploitation details in the public metrics show local access with user interaction required and high impact on confidentiality, integrity, and availabi...

CVE-2026-44817

Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2026-45469

CVE-2026-45469 affects Microsoft Excel (Office) and is caused by an integer underflow/wraparound in Excel. The vulnerability can allow a local attacker to execute code on the affected system; the CVSS indicates LOCAL access, required user interaction, and high impact to confidentiality, integrity...

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

CVE-2026-7383

The CVE concerns OpenSSL’s ASN1 mbstring handling (functions ASN1_mbstring_copy() and ASN1_mbstring_ncopy()). A signed integer overflow in sizing the destination buffer for Unicode output can cause a heap buffer overflow, potentially crashing a process or enabling attacker-controlled code executi...

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

CVE-2026-7383

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service

Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion. The version parser converts numeric version components major, minor, patch and numeric...

CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service

Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory exhaustion. The version parser converts numeric version components major, minor, patch and numeric...