15337 matches found
CVE-2026-50526
CVE-2026-50526 describes an issue in .NET where improper link resolution before file access ("link following") can allow an authorized local attacker to tamper with files. Multiple sources document the same description and note a local attack vector with high impact on confidentiality, integrity,...
CVE-2026-50526 .NET Tampering Vulnerability
...
CVE-2026-57973
Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally...
CVE-2026-50495
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
CVE-2026-50465
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
CVE-2026-50328
Uncaught exception in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network...
CVE-2026-4018
TOCTOU Race Condition in specific trace commands of the TraceEvent system call could allow an attacker with local access and with the PROCMGRAIDTRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...
CVE-2026-4017
Buffer Overflow in the entry handler of the TraceEvent system call could allow an attacker with local access to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...
CVE-2026-4018 TOCTOU race condition in the QNX Neutrino kernel impacts versions of the QNX Software Development Platform and QNX OS for Safety
TOCTOU Race Condition in specific trace commands of the TraceEvent system call could allow an attacker with local access and with the PROCMGRAIDTRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel...
CVE-2026-4018
CVE-2026-4018 describes a TOCTOU race condition in specific trace commands of the TraceEvent() system call in the QNX Neutrino kernel, affecting versions of the QNX Software Development Platform and QNX OS for Safety. The vulnerability could allow a local attacker with PROCMGR_AID_TRACE privilege...
CVE-2026-4017
The CVE-2026-4017 entry concerns a buffer overflow in the TraceEvent() system call entry handler for the QNX Neutrino kernel (affecting QNX Software Development Platform and QNX OS for Safety). The underlying issue, a buffer overflow in the entry handler, could enable a local attacker to cause in...
CVE-2026-55144
Missing cryptographic step in Windows CryptoAPI allows an authorized attacker to perform tampering locally...
CVE-2026-49174
Missing authentication for critical function in Microsoft Windows DNS allows an authorized attacker to perform tampering locally...
CVE-2026-57973 Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability
...
CVE-2026-57973
CVE-2026-57973 describes a Time-of-check Time-of-use (TOCTOU) race condition in Windows Subsystem for Linux (WSL2) kernel. The issue allows an authorized attacker to perform local tampering. Affected component is the WSL2 kernel; impact per sources is local, with confidentiality and integrity aff...
CVE-2026-57973 Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability
...
CVE-2026-55145 Outlook Copilot Tampering Vulnerability
...
CVE-2026-55145
CVE-2026-55145 : Outlook Copilot is affected by a command-injection vulnerability due to improper neutralization of special elements in a command. An authorized attacker can tamper over a network, with network access, low privileges, and user interaction required; confidentiality impact is High, ...
CVE-2026-55145 Outlook Copilot Tampering Vulnerability
...
CVE-2026-50495 DNS Client Tampering Vulnerability
...