Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability

Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally...

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

Windows Internet (wininet.dll) Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Internet wininet.dll allows an authorized attacker to elevate privileges locally...

Windows SDK Elevation of Privilege Vulnerability

Use after free in Windows SDK allows an authorized attacker to elevate privileges locally...

Windows DNS Client Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally...

PT-2026-47904

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

PT-2026-47970

Improper authorization in .NET allows an authorized attacker to elevate privileges locally...

PT-2026-48002

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

PT-2026-47990

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

PT-2026-47929

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

PT-2026-47969

Time-of-check time-of-use TOCTOU race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally...

PT-2026-48008

Name of the Vulnerable Software and Affected Versions Microsoft Live Share Canvas SDK affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to elevate privileges over a network...

KB5094126: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (June 2026)

The remote Windows host is missing security update 5094126. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2026-42909, CVE-2026-42913, CVE-2026-42985, CVE-2026-42992,...

PT-2026-47891

Name of the Vulnerable Software and Affected Versions Windows Telephony Service affected versions not specified Description A race condition exists in the Windows Telephony Service due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileg...

EUVD-2026-34809

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

MediaTek Chipsets Security Vulnerabilities

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

Admidio 跨站请求伪造漏洞

Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums, and downloads. A cross-site request forgery vulnerability exists in Admidio version 3.3.5, which stems from cross-site request forgery and could...

CVE-2026-42901

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...