EUVD-2026-2072

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-2052

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...

EUVD-2026-2103

Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

EUVD-2026-2112

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-2151

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

EUVD-2026-2147

Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally...

EUVD-2026-2165

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

EUVD-2026-2108

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

EUVD-2026-2106

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-2140

Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-2143

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

EUVD-2026-2130

Heap-based buffer overflow in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

EUVD-2026-2164

Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...

EUVD-2026-2146

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network...

EUVD-2026-2176

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

EUVD-2026-2212

Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to disclose information locally...

EUVD-2026-2205

Concurrent execution using shared resource with improper synchronization 'race condition' in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to elevate privileges locally...

EUVD-2026-2208

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to disclose information locally...

EUVD-2026-2188

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally...

EUVD-2026-2194

Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...