433 matches found
CVE-2026-50495
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
CVE-2026-50487
Use after free in Microsoft Windows DNS allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-50465
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
CVE-2026-50295
Improper privilege management in Microsoft Windows DNS allows an authorized attacker to bypass a security feature locally...
CVE-2026-49174
Missing authentication for critical function in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
CVE-2026-49175
Heap-based buffer overflow in Windows DNS allows an authorized attacker to elevate privileges locally...
CVE-2026-50487
CVE-2026-50487 is a Windows DNS Client elevation-of-privilege vulnerability described as a use-after-free in the Windows DNS component. Exploitation is network-based (no user interaction) with a high impact, enabling privilege escalation on affected systems. The CVE is tracked across multiple sou...
CVE-2026-50465 Windows DNS Client Tampering Vulnerability
...
CVE-2026-50426
CVE-2026-50426 : Windows DNS Server contains a relative path traversal vulnerability that could allow an authorized attacker on an adjacent network to execute code. Root cause is traversal of relative paths in DNS Server handling, enabling remote code execution. Reported impact is arbitrary code ...
CVE-2026-50295
Technical details about CVE-2026-50295 are not publicly provided in the supplied documents. Monitor for updates from official sources.
CVE-2026-49174
CVE-2026-49174 describes a vulnerability in Microsoft Windows DNS where missing authentication for a critical function could allow a locally authorized attacker to tamper with DNS behavior. The NVD entry notes a CVSS v3.1 base score of 6.1 (Medium) with a LOCAL attack vector, LOW attack complexit...
CVE-2026-49175 Windows DNS Client Elevation of Privilege Vulnerability
...
CVE-2026-49169 Windows DNS Server Remote Code Execution Vulnerability
...
Windows DNS Client Tampering Vulnerability
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
Windows DNS Server Remote Code Execution Vulnerability
Relative path traversal in DNS Server allows an authorized attacker to execute code over an adjacent network...
PT-2026-58469
Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS affected versions not specified Description Improper access control in the Windows DNS Client allows an authorized, logged-in attacker to perform local tampering. Recommendations At the moment, there is no information abo...
CVE-2026-41108
Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally...
CVE-2026-41108 Windows DNS Client Elevation of Privilege Vulnerability
...
KB5094122: Windows 10 Version 1607 / Windows Server 2016 Security Update (June 2026)
The remote Windows host is missing security update 5094122. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...
KB5094125: Windows Server 2025 Security Update (June 2026)
The remote Windows host is missing security update 5094125. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...