CVE-2026-48565 Windows Narrator Braille Elevation of Privilege Vulnerability

...

CVE-2026-10217

A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/ttsconfig.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The...

CVE-2026-40381 Azure Connected Machine Agent Elevation of Privilege Vulnerability

...

CVE-2026-33837 Windows TCP/IP Local Elevation of Privilege Vulnerability

...

CVE-2026-33837

CVE-2026-33837 is a heap-based buffer overflow in Windows TCP/IP that could allow an authenticated local attacker to elevate privileges. The entry notes a local, low-attack-complexity vector with no user interaction required and HIGH impact to confidentiality, integrity, and availability, yieldin...

CVE-2026-34345

CVE-2026-34345 describes a race condition in the Windows Ancillary Function Driver for WinSock that allows local privilege escalation when a shared resource is improperly synchronized. Connected sources confirm the vulnerability affects Windows components and has been addressed by the May 2026 up...

PT-2026-35508

Dell Alienware Command Center AWCC, versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

PT-2026-33284

A Critical Remote Elevation of Privilege vulnerability CVE-2026-32179 affects MsQuic. Organizations should identify usage and monitor for updates. MsQuic ElevationOfPrivilege infosec https://t.co/NfNpj6XuC3...

CVE-2026-27914 Microsoft Management Console Elevation of Privilege Vulnerability

...

EUVD-2026-21654

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

Koha 安全漏洞

Koha is a library automation management system developed by the Koha organization. There is a security vulnerability in Koha, which stems from improper validation of the displayby parameter in the /cgi-bin/koha/suggestion/suggestion.pl endpoint. This vulnerability could allow users with low...

CVE-2026-26115 SQL Server Elevation of Privilege Vulnerability

...

CVE-2026-25174 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability

...

KB5077473 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: March 10, 2026

KB5077473 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: March 10, 2026 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability

...

CVE-2026-21236 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...

CVE-2026-21242 Windows Subsystem for Linux Elevation of Privilege Vulnerability

...

Oracle Solaris security vulnerabilities

Oracle Solaris is a UNIX operating system developed by Oracle Corporation in the United States. Version 11 of Oracle Solaris contains a security vulnerability. This vulnerability allows high-privilege attackers to attack through login into the infrastructure, potentially leading to unauthorized...

MiracleLinux 8 : krb5-1.18.2-25.el8 (AXEA:2023-6164:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXEA:2023-6164:06 advisory. - Windows Kerberos Elevation of Privilege Vulnerability CVE-2022-37967 Note that Nessus has not tested for this issue but has instead relied only on the...

WordPress Aplazo Payment Gateway plugin missing privileges vulnerability

WordPress Aplazo Payment Gateway plugin is a payment gateway plugin for WooCommerce stores that allows customers to choose "buy now, pay later" payment method at the time of purchase. A lack of privileges vulnerability exists in WordPress Aplazo Payment Gateway plugin, which can be exploited by a...