CVE-2026-42978 Windows Push Notifications Elevation of Privilege Vulnerability

...

EUVD-2026-35739

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

EUVD-2026-35738

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

CVE-2026-42978 Windows Push Notifications Elevation of Privilege Vulnerability

...

CVE-2026-42977 Windows Push Notifications Elevation of Privilege Vulnerability

...

CVE-2026-42978

CVE-2026-42978: A race condition due to improper synchronization in Windows Push Notifications leads to local privilege escalation for an authorized attacker. The CVSSv3.1 base score is 7.8 (LOCAL, HIGH impact on confidentiality, integrity, and availability) with HIGH attack complexity and LOW pr...

CVE-2026-42977 Windows Push Notifications Elevation of Privilege Vulnerability

...

CVE-2026-42977

CVE-2026-42977 describes a race condition in Windows Push Notifications caused by improper synchronization of a shared resource. This vulnerability enables an authorized, local attacker to elevate privileges. The CVSS 3.1 base score is 7.8 (HIGH) with Local attack vector, high complexity, and req...

CVE-2026-42974 Windows Performance Monitor Remote Code Execution Vulnerability

...

CVE-2026-42981 Windows Performance Monitor Remote Code Execution Vulnerability

...

EUVD-2026-35736

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

CVE-2026-42981 Windows Performance Monitor Remote Code Execution Vulnerability

...

CVE-2026-42974 Windows Performance Monitor Remote Code Execution Vulnerability

...

CVE-2026-42974

CVE-2026-42974 affects Windows Performance Monitor. The issue is an Integer underflow (wrap/wraparound) in a component used by Performance Monitor, enabling a remote attacker to execute code over a network. Exploitation details are not provided in the documents; the CVSS base score is 8.1 (Networ...

CVE-2026-42981

The provided documents identify CVE-2026-42981 as a Windows Performance Monitor remote code execution vulnerability caused by an integer underflow (wrap/wraparound). The issue is exploitable over the network without user interaction and with no privileges required (AV:N/PR:N/UI:N), as indicated b...

EUVD-2026-35735

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

CVE-2026-42973 Windows Push Notification Information Disclosure Vulnerability

...

CVE-2026-42973 Windows Push Notification Information Disclosure Vulnerability

...

CVE-2026-42984 Windows Kernel Elevation of Privilege Vulnerability

...

EUVD-2026-35734

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...