EUVD-2026-2151

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

EUVD-2026-2147

Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally...

EUVD-2026-2165

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

EUVD-2026-2106

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-2108

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

EUVD-2026-2140

Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD-2026-2143

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally...

EUVD-2026-2130

Heap-based buffer overflow in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

EUVD-2026-2164

Heap-based buffer overflow in Connected Devices Platform Service Cdpsvc allows an authorized attacker to elevate privileges locally...

EUVD-2026-2146

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network...

EUVD-2026-2176

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

EUVD-2026-2212

Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to disclose information locally...

EUVD-2026-2205

Concurrent execution using shared resource with improper synchronization 'race condition' in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to elevate privileges locally...

EUVD-2026-2208

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to disclose information locally...

EUVD-2026-2188

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally...

EUVD-2026-2194

Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

EUVD-2026-2197

Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally...

EUVD-2026-2196

Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network...

EUVD-2026-2206

Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network...

EUVD-2026-2189

A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to...