Lucene search
K

547 matches found

Cvelist
Cvelist
added yesterday13 views

CVE-2026-50444 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

...

8.8CVSS
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-58319

Name of the Vulnerable Software and Affected Versions Windows Server Update Service affected versions not specified Description An uncaught exception in the Windows Server Update Service allows an unauthorized attacker to perform tampering over a network. Recommendations Deploy the July 14 update...

7.5CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/15 7:23 p.m.8 views

CVE-2026-26154

Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...

7.5CVSS5.8AI score0.01064EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/14 6:30 p.m.8 views

EUVD-2026-22612

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.00244EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.8 views

EUVD-2026-22376

Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...

7.5CVSS5.8AI score0.01064EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 6:17 p.m.7 views

CVE-2026-32224

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...

7CVSS0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 4:57 p.m.27 views

CVE-2026-32224 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

...

7CVSS0.00244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 4:57 p.m.4 views

CVE-2026-32224 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

...

7CVSS6.2AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 4:57 p.m.57 views

CVE-2026-26174

CVE-2026-26174 is a race-condition vulnerability in Windows Server Update Services (WSUS) that enables a locally authenticated attacker to achieve elevation of privileges. The issue is described as concurrent execution using a shared resource with improper synchronization. Multiple connected docu...

7CVSS5.9AI score0.00186EPSS
Exploits0References1Affected Software14
GithubExploit
GithubExploit
added 2026/03/09 7:43 a.m.262 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-59287 — WSUS Unauthenticated RCE Purple team exercis...

9.8CVSS7.9AI score0.99962EPSS
Exploits24
Microsoft KB
Microsoft KB
added 2026/01/17 12:0 a.m.18 views

January 17, 2026—KB5077792 (OS Build 25398.2096) Out-of-band

None None...

9.8CVSS7.1AI score0.99962EPSS
Exploits24
CVE
CVE
added 2026/01/13 5:56 p.m.78 views

CVE-2026-20856

CVE-2026-20856 is a Windows Server Update Services (WSUS) remote code execution vulnerability caused by improper input validation. Exploitation is possible over a network with no user interaction; CVSSv3.1 base score 8.1 (High). Public references note this is addressed by January 2026 security up...

8.1CVSS7AI score0.01075EPSS
Exploits0References1Affected Software13
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.18 views

PT-2026-2701

Name of the Vulnerable Software and Affected Versions Windows Server Update Service affected versions not specified Description A flaw in input validation within Windows Server Update Service could allow a remote attacker to execute code on the network. This could lead to arbitrary code execution...

8.1CVSS7.6AI score0.01075EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/01/02 5:21 p.m.222 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-59287 ⚠ This tool is created solely for educatio...

9.8CVSS8.6AI score0.99962EPSS
Exploits24
GithubExploit
GithubExploit
added 2025/11/02 1:56 p.m.184 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-59287 ⚠ This tool is created solely for education...

9.8CVSS8.6AI score0.99962EPSS
Exploits24
GithubExploit
GithubExploit
added 2025/10/28 7:56 p.m.304 views

Exploit for Deserialization of Untrusted Data in Microsoft

🚨 ALERTA CRÍTICA DE CIBERSEGURIDAD: RCE en WSUS CVE-2025-5928...

9.8CVSS9.8AI score0.99962EPSS
Exploits24
GithubExploit
GithubExploit
added 2025/10/25 2:30 a.m.295 views

Exploit for CVE-2025-59287

In this study, we will examine a critical vulnerability CVE-202...

9.8CVSS8.2AI score0.99962EPSS
Exploits24
Packet Storm
Packet Storm
added 2025/10/20 12:0 a.m.222 views

📄 Microsoft Windows Server Update Services Remote Code Execution

This is a proof of concept exploit for Microsoft Windows Server Update Services that leverages an unsafe deserialization of untrusted data in WSUS's AuthorizationCookie handling. This file demonstrates payload generation in C. using System; using System.IO; using System.Security.Cryptography; usi...

9.8CVSS6.9AI score0.99962EPSS
Exploits24
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.8 views

CVE-2025-59287

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network...

9.8CVSS7.3AI score0.99962EPSS
Exploits24References1
EUVD
EUVD
added 2025/10/14 6:30 p.m.9 views

EUVD-2025-34268

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network...

9.8CVSS9.2AI score0.99962EPSS
Exploits24References2
Rows per page
Query Builder