CVE-2026-28426

CVE-2026-28426 affects Statamic (a Laravel/Git‑based CMS). A stored cross‑site scripting (XSS) flaw exists in the svg and icon related components prior to versions 5.73.11 and 6.4.0, enabling an authenticated user with certain permissions to inject malicious JavaScript that executes for higher‑pr...

Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for January 2026, which includes 112 vulnerabilities affecting a range of products, including 8 that Microsoft marked as "critical". In this month's release, Microsoft observed one of the included "important" vulnerabilities, CVE-2026-20805, as...

Microsoft Windows Graphic Component Privilege Escalation Vulnerability

Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation...

VulnCheck KEV: CVE-2023-21823

Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation...

Windows Graphics Component Information Disclosure Vulnerability

...

CVE-2015-2364

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that...