CVE-2026-3564 ScreenConnect Instance Level Cryptographic Material Exposure

A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios...

CVE-2026-3841 Command Injection Vulnerability in Telnet CLI on TP-Link TL-MR6400

A command injection vulnerability has been identified in the Telnet command-line interface CLI of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. An authenticated attacker with elevated privileges may be able to execute...

About Elevation of Privilege - Windows RDS (CVE-2026-21533) vulnerability

About Elevation of Privilege - Windows RDS CVE-2026-21533 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Remote Desktop Services RDS is a component of Microsoft Windows that allows a user to initiate and control an interactive session on a remote computer or virtua...

Zoom Clients for Windows 安全漏洞

Zoom Clients for Windows is a video conferencing software developed by the American company Zoom. There is a security vulnerability in Zoom Clients for Windows, which stems from improper version checking in the update function. This vulnerability could allow authenticated users to gain elevated...

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions. An attacker can gain elevated privileges by exploiting these permissions locally. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 10.0.4 or higher. References - Vulnerability Advis...

EUVD-2026-10659

Improper link resolution before file access 'link following' in Winlogon allows an authorized attacker to elevate privileges locally...

EUVD-2026-10612

Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally...

EUVD-2026-10606

External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-26132

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-25178

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2026-25170

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2026-25165

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally...

CVE-2026-24296

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

CVE-2026-24293

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2026-24289

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...

CVE-2026-24283

Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...

CVE-2026-20967

Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network...

CVE-2026-26115

Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-25189

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

CVE-2026-25179 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

...