331 matches found
CVE-2026-40410
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
CVE-2026-33682 Streamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)
Streamlit is a data oriented application development framework for python. Streamlit Open Source versions prior to 1.54.0 running on Windows hosts have an unauthenticated Server-Side Request Forgery SSRF vulnerability. The vulnerability arises from improper validation of attacker-supplied...
CVE-2026-24294
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...
Server-side Request Forgery (SSRF)
Overview streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to improper validation of filesystem paths in the ComponentRequestHandler process. An attacker can trigger outbound SMB authentication...
CVE-2026-26128
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...
CVE-2026-24294
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...
CVE-2026-26128
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...
CVE-2026-24294
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...
PT-2026-24331
Name of the Vulnerable Software and Affected Versions Windows SMB Server affected versions not specified Description An improper authentication mechanism exists in Windows SMB Server. Successful exploitation could allow an attacker to elevate privileges locally. The issue relates to flaws in the...
📄 Windows SMB Client Privilege Escalation
This Metasploit module exploits CVE-2025-33073 in Windows SMB clients through a complex attack chain involving DNS record injection, NTLM relay attacks, and RPC coercion. The vulnerability allows privilege escalation and remote code execution on affected Windows systems including Windows 11,...
CVE-2026-20919
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-20934
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-20926
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-20848
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-20848 Windows SMB Server Elevation of Privilege Vulnerability
...
CVE-2026-20934
Technical details about CVE-2026-20934 are not publicly provided in the supplied connected documents. Monitor for updates from Microsoft and security advisories.
CVE-2026-20927
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to deny service over a network...
CVE-2026-20927
CVE-2026-20927 affects Windows SMB Server and is described as a race-condition in a shared resource that can allow an authorized attacker to cause a denial of service over the network. The connected Nessus NASL entries list this CVE under Windows SMB Server with a 5.3 base score (Denial-of-Servic...
CVE-2026-20919
CVE-2026-20919 is a race-condition vulnerability in Windows SMB Server that allows an authorized network attacker to elevate privileges. The issue concerns concurrent access to a shared resource without proper synchronization. Public documentation in the connected sources confirms Windows SMB Ser...
CVE-2026-20919
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...