CVE-2026-20794

Buffer overflow for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This...

CVE-2026-20794

Intel Data Center Graphics Driver for VMware ESXi prior to 2.0.2 contains a buffer overflow in Ring 1: Device Drivers that can allow a local privilege escalation. A system software adversary with a privileged user and low attack complexity could potentially execute code locally with no user inter...

CVE-2026-20794

Buffer overflow for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This...

CVE-2026-20753

Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...

CVE-2026-20753

The connected documents confirm a concrete CVE: an integer overflow in the UEFI firmware for the Slim Bootloader. A system software adversary with privileged access and low attack complexity could trigger a local code execution via local access with no user interaction, potentially impacting conf...

CVE-2026-20753

Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...

Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-40087

Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...

PT-2026-40093

Name of the Vulnerable Software and Affected Versions IntelR Data Center Graphics Driver for VMware ESXi versions prior to 2.0.2 Description A buffer overflow in the Ring 1: Device Drivers may allow a privileged local attacker to escalate privileges and execute arbitrary code. This issue can be...

PT-2026-40198

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-40199

Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...

PT-2026-40217

Name of the Vulnerable Software and Affected Versions Windows Win32K - GRFX affected versions not specified Description A heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. This issue can potentially be used to escape a virtual machine...

PT-2026-40193

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-40247

Name of the Vulnerable Software and Affected Versions Visual Studio Code affected versions not specified Description Improper neutralization of script-related HTML tags in a web page leads to a basic cross-site scripting XSS issue. This lack of data sanitization at the control level allows an...

PT-2026-40256

Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description A heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. A heap-based buffer overflow occurs when an application writes more data to ...

PT-2026-40197

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

PT-2026-40182

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A heap-based buffer overflow in the Windows GDI Graphics Device Interface, which is the graphics subsystem of Windows, allows an unauthorized attacker to execute code locally. Recommendations...

Security Updates for Microsoft Office Online Server (May 2026)

The Microsoft Office Online Server or Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-40359 -...