EUVD-2026-29696

Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

CVE-2026-40370

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...

CVE-2026-42899

Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...

CVE-2026-40415

Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network...

CVE-2026-40406

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...

CVE-2026-40405

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network...

Windows TCP/IP Information Disclosure Vulnerability

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...

Visual Studio Code Elevation of Privilege Vulnerability

Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

Windows Kernel-Mode Driver Remote Code Execution Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network...

Windows Storport Miniport Driver Denial of Service Vulnerability

Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network...

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...

Windows DNS Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network...

PT-2026-40219

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...

PT-2026-40138

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Deserialization of untrusted data allows an authorized attacker to execute code over a network. Recommendations At the moment, there is no information about a newer versio...

PT-2026-40249

Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

PT-2026-40137

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...

PT-2026-40237

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS Client affected versions not specified Description A heap-based buffer overflow exists in the Windows DNS Client, specifically within the dnsapi.dll component which processes DNS answers. This flaw allows an unauthorized...

CVE-2026-43653

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service...

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

PT-2026-40259

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper neutralization of special elements in output used by a downstream component injection allows an unauthorized attacker to elevate privileges over a network...