127 matches found
CVE-2026-57095
Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an unauthorized attacker to elevate privileges locally...
CVE-2026-50489
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-54986
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-54112
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-54107
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-50325
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-50297
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-49805
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally...
CVE-2026-50687 Windows Win32k Elevation of Privilege Vulnerability
...
CVE-2026-50670
CVE-2026-50670 is a Windows Win32k elevation-of-privilege vulnerability caused by an out-of-bounds read in the Windows kernel. Connected sources confirm local privilege escalation potential and indicate Microsoft has released updates (e.g., KB5099538/KB5099540; MSRC guidance) addressing this issu...
CVE-2026-50416
CVE-2026-50416 is a Win32K information disclosure vulnerability in Windows. The issue allows local disclosure of sensitive data to an attacker with local access (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, Base score 3.3). Microsoft has released updates to address this vulnerability; apply th...
CVE-2026-50325
Technical details (affected versions, root cause, remediation) are not provided in the supplied documents; monitor for updates.
CVE-2026-49805
CVE-2026-49805 concerns Windows: an improper access control in the Win32K subsystem could allow a locally authenticated attacker to elevate privileges. Affected software is described as Windows Win32K; the root cause cited is access-control issues within that component. The documents provide the ...
CVE-2026-54114
CVE-2026-54114 is a Windows Win32K use-after-free that enables a local privilege elevation for an authenticated user. The vulnerability affects Win32k functionality (Win32k.sys context) and is triggered by an improper handling of freed objects, allowing an attacker to escalate to SYSTEM level on ...
CVE-2026-54112
CVE-2026-54112 affects Windows Win32K. The issue is a race condition caused by concurrent execution on a shared resource due to improper synchronization, enabling a locally authenticated user to elevate privileges. The base score is 7.8 (HIGH) with LOCAL attack vector, requiring LOW privileges an...
CVE-2026-54112 Windows Win32k Elevation of Privilege Vulnerability
...
CVE-2026-54986
NVD reports CVE-2026-54986 as a heap-based buffer overflow in Windows Win32K that enables a locally authenticated attacker to perform privilege escalation. Affected component is Windows Win32K; root cause described as heap overflow within that subsystem. The available sources do not specify vulne...
CVE-2026-54107
The CVE-2026-54107 entry documents a race condition caused by improper synchronization in Windows Win32K, enabling a locally authenticated attacker to achieve privilege escalation. Affected software/component: Windows Win32K. Root cause: concurrent execution with shared resource lacking proper sy...
CVE-2026-54107 Windows Win32k Elevation of Privilege Vulnerability
...
Windows Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally...