CVE-2026-35603

Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable ...

EUVD-2026-23520

Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows...

CVE-2021-28133

Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other meeting participan...

Unauthorized Configuration Manipulation

Jupyter Core is vulnerable to Unauthorized Configuration Manipulation. The vulnerability is due to improper access control on the %PROGRAMDATA% directory, allowing unprivileged users to write configuration files that affect other users on shared Windows systems...

PT-2004-3547 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 1.5.0.1 and possibly other versions Description: The issue allows local users who share a Windows profile to view records of user activity after a new installation of Firefox, even if the previous installation was...

May 4, 2021, update for Skype for Business 2016 (KB4493155)

May 4, 2021, update for Skype for Business 2016 KB4493155 Microsoft has released an update for Microsoft Skype for Business 2016. The version number of this update is 16.0.5161.1000.In addition to the release of the new client, this update fixes an issue. Before you install this update, see the...