439 matches found
Microsoft - NTLMv2 Hash Capture
Titles: Microsoft - NTLMv2 Hash Capture Author: nu11secur1ty Date: 2026-05-27 Vendor: Microsoft Software: Windows Shell File Explorer Reference: https://nvd.nist.gov/vuln/detail/CVE-2026-32202 Description: A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv...
📄 Windows Shell LNK Spoofing / NTLMv2 Hash Capture
A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv2 hashes without user interaction. By crafting a malicious .lnk shortcut file with a UNC path pointing to an attacker-controlled SMB server, the target's Windows system automatically sends an NTLMv2...
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities are listed below -...
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 CVSS score: 4.3, a spoofing vulnerability that could allow an attacker to...
Microsoft Windows Protection Mechanism Failure Vulnerability
Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network...
Microsoft Windows Shell Security Feature Bypass Vulnerability
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. A security feature bypass...
Microsoft Windows Shell Elevation of Privilege Vulnerability (CNVD-2026-20175)
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...
Microsoft Windows Shell Elevation of Privilege Vulnerability (CNVD-2026-20176)
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...
Microsoft Windows Shell Spoofing Vulnerability
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. A spoofing vulnerability exists in...
Microsoft Windows Shell Elevation of Privilege Vulnerability
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...
Microsoft Windows Shell Information Disclosure Vulnerability
The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft USA.Easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. On some versions of Windows, featur...
CVE-2026-32202
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-32151
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...
CVE-2026-32225
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-27918
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Shell allows an authorized attacker to elevate privileges locally...
CVE-2026-26166
Double free in Windows Shell allows an authorized attacker to elevate privileges locally...
CVE-2026-26165
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally...
EUVD-2026-22613
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
EUVD-2026-22589
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-22536
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network...