4798 matches found
EUVD-2026-35527
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
EUVD-2026-35657
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally...
CVE-2026-48583
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-45476
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-44811
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42902
Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally...
EUVD-2026-35761
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2026-42983
CVE-2026-42983 is a Windows vulnerability described across multiple sources as a use-after-free in the DWM Core Library that allows an authorized, local attacker to elevate privileges. The issue is identified consistently in Microsoft’s MSRC page and NVD records; no public exploit details or defa...
CVE-2026-44811
CVE-2026-44811 refers to a use-after-free in the Windows DWM Core Library that enables a locally authenticated attacker to elevate privileges. Confirmed across multiple sources (NVD/MSRC/CVE listings). The vulnerability is described as a local, high-impact elevation of privilege with a CVSS v3.1 ...
CVE-2026-44805
CVE-2026-44805: Use-after-free in Windows Network Controller (NC) Host Agent enables an authorized local attacker to cause denial of service. Affected component is the Windows Network Controller Host Agent; underlying cause is use-after-free. CVSSv3.1 base score 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I...
CVE-2026-42977
CVE-2026-42977 describes a race condition in Windows Push Notifications caused by improper synchronization of a shared resource. This vulnerability enables an authorized, local attacker to elevate privileges. The CVSS 3.1 base score is 7.8 (HIGH) with Local attack vector, high complexity, and req...
CVE-2026-42916
The CVE-2026-42916 entry describes an Integer underflow in the Windows NT OS Kernel that enables local privilege escalation for an authorized attacker. Affected: Windows NT OS Kernel (kernel-level component). Root cause: wrap/underflow during arithmetic in the kernel. Impact: high across confiden...
EUVD-2026-35569
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-45637
CVE-2026-45637 is a use-after-free vulnerability in Windows DWM Core Library that permits a locally authenticated attacker to achieve elevation of privileges. The underlying flaw is a use-after-free condition in the DWM Core Library, enabling an attacker with low privileges and no user interactio...
EUVD-2026-35561
Access of resource using incompatible type 'type confusion' in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...
EUVD-2026-35547
Improper limitation of a pathname to a restricted directory 'path traversal' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-47648
CVE-2026-47648 — Windows Storage contains an untrusted search path vulnerability that enables a locally authenticated attacker to perform privilege escalation. The issue arises from a trusted component loading an untrusted search path, potentially elevating privileges with high impact (C/H/I/H/A/...
CVE-2026-41092
CVE-2026-41092 describes an improper access control in Microsoft Kinect that enables a locally authenticated attacker to elevate privileges. The CVSS 3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 7.8 (HIGH). Affected component: Kinect functionality; root cause is insuffic...
CVE-2026-45606
CVE-2026-45606 concerns an out-of-bounds read in the Microsoft UxTheme Library (uxtheme.dll) that allows an authorized, low-privilege user to cause a local denial of service. The NVD/NIST and CVE records concur on the impact as a local DoS; attack vector is LOCAL, with LOW prerequisites and NONE ...
CVE-2026-45490
CVE-2026-45490 : In .NET, improper authorization could allow an authorized local attacker to elevate privileges. Documents indicate a local attack with low privileges required and high impact on confidentiality, integrity, and availability. Exploitation details, affected versions, and a concrete ...