Lucene search
+L

506 matches found

NVD
NVD
added 5 days ago5 views

CVE-2026-50434

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-50430

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-50363

Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50339

Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally...

5.5CVSS0.00362EPSS
Exploits0References1
CVE
CVE
added 5 days ago7 views

CVE-2026-50363

CVE-2026-50363 is a Windows Push Notifications elevation-of-privilege vulnerability characterized by a heap-based buffer overflow. An authorized, local attacker could escalate privileges. Microsoft has released updates addressing this (e.g., KB5095051 and MSRC/MSVC advisories) and recommends appl...

7.8CVSS6.1AI score0.00318EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago27 views

CVE-2026-50363 Windows Push Notifications Elevation of Privilege Vulnerability

...

7.8CVSS0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 5 days ago8 views

CVE-2026-50363 Windows Push Notifications Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00318EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-44800 Windows Push Notifications Elevation of Privilege Vulnerability

...

7.8CVSS0.00153EPSS
Exploits0References1
CVE
CVE
added 5 days ago9 views

CVE-2026-44800

CVE-2026-44800 concerns a race condition in Windows Push Notifications caused by improper synchronization of a shared resource. This vulnerability enables an authorized, local attacker to achieve privilege elevation. Documented impact is Local, with Confidentiality, Integrity, and Availability al...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References1Affected Software5
Vulnrichment
Vulnrichment
added 5 days ago6 views

CVE-2026-44800 Windows Push Notifications Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 5 days ago5 views

Windows Push Notifications Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00318EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 5 days ago5 views

Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00153EPSS
Exploits0
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-58346

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A heap-based buffer overflow exists in Windows Push Notifications. This flaw allows an authorized attacker to elevate privileges locally. A heap-based buffer overflow occur...

7.8CVSS6.1AI score0.00318EPSS
Exploits0References3
Kaspersky
Kaspersky
added 5 days ago9 views

KLA91153 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of...

7.5AI score
Exploits0References432
Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-58328

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description Windows Push Notifications contain a flaw that allows an authorized attacker to locally disclose sensitive information. This issue results in the exposure of push-notification data to...

5.5CVSS6.1AI score0.00362EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 5 days ago7 views

PT-2026-58126

Name of the Vulnerable Software and Affected Versions Windows Push Notifications affected versions not specified Description A race condition exists in Windows Push Notifications, where concurrent execution using a shared resource with improper synchronization allows an authorized attacker to...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 9:8 p.m.5 views

CVE-2026-55762

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication authRequired: true but performs no authorization check. Any authenticated user —...

8.1CVSS5.9AI score0.00323EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/24 9:8 p.m.22 views

CVE-2026-55762 Rocket.Chat: Any Authenticated User Can Permanently Deregister Workspace from Rocket.Chat Cloud via Unprotected `/api/v1/fingerprint` Endpoint

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication authRequired: true but performs no authorization check. Any authenticated user —...

8.1CVSS0.00323EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 9:8 p.m.22 views

CVE-2026-55762

Rocket.Chat CVE-2026-55762 concerns an unauthenticated mis-authorization on POST /api/v1/fingerprint. Prior to fixed versions, authenticated users could call the endpoint with {"setDeploymentAs": "new-workspace"} to permanently deregister the workspace from Rocket.Chat Cloud, wiping cloud credent...

8.1CVSS5.9AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 9:8 p.m.4 views

CVE-2026-55762 Rocket.Chat: Any Authenticated User Can Permanently Deregister Workspace from Rocket.Chat Cloud via Unprotected `/api/v1/fingerprint` Endpoint

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, the POST /api/v1/fingerprint REST endpoint enforces authentication authRequired: true but performs no authorization check. Any authenticated user —...

8.1CVSS6AI score0.00323EPSS
Exploits0References3
Rows per page
Query Builder