CVE-2026-0081

In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48643

In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0063

CVE-2026-0063 affects the Android framework component PhoneInterfaceManager.java, where a logic error in setAllowedCarriers could disable carrier restrictions, enabling local privilege escalation with no additional privileges and no user interaction required. The issue is cataloged as an Elevatio...

CVE-2026-0083

In Nfc::eventCallback of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48617

CVE-2025-48617 affects Android’s CarrierConfigLoader.java, specifically overrideConfig, enabling a permissions/UID check bypass that could cause local privilege escalation with no additional execution privileges required and no user interaction. The vulnerability is tied to a local attack vector ...

CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

CVE-2026-0137

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-10262

Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges...

CVE-2026-36213

An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to escalate privileges via the MemuService.exe component...

FreeBSD : FreeBSD -- Use-after-free bug in the IPV6_MSFILTER socket option handler (c5b7ac13-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c5b7ac13-6473-11f1-958d-bc241121aa0a advisory. The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list...

CVE-2026-45605

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...

CVE-2026-53694 Potential local privileges escalation through argument injection in the nxchmod.sh script

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

CVE-2026-24067

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...

CVE-2026-42837

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

EUVD-2026-35741

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

Winlogon Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Winlogon allows an authorized attacker to elevate privileges locally...

Windows DWM Core Library Elevation of Privilege Vulnerability

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in UI Automation Manager uiamanager.dll allows an authorized attacker to elevate privileges locally...

EUVD-2026-35385

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

PT-2026-48150

Improper link resolution before file access 'link following' in Microsoft PC Manager allows an authorized attacker to elevate privileges locally...