124 matches found
CVE-2026-32220
Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...
CVE-2026-23670
CVE-2026-23670 affects Windows Virtualization-Based Security (VBS) security feature. The issue is a local, high-privilege bypass of VBS protections, with no user interaction required (UI: NONE). Exploitation is possible with local access and may impact confidentiality and integrity (both HIGH), w...
CVE-2026-23670 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
...
UEFI Secure Boot Security Feature Bypass Vulnerability
Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
SCTT-2026-33-0002: DWM Visual-Field Singularity 📡 Theoret...
CVE-2026-21223
Improper privilege management in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
EUVD-2026-3111
Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard non‑administrator local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged...
CVE-2026-21223
Improper privilege management in Microsoft Edge Chromium-based allows an authorized attacker to bypass a security feature locally...
PT-2026-3326
Name of the Vulnerable Software and Affected Versions Microsoft Edge affected versions not specified Description The Microsoft Edge Elevation Service has a design flaw where a privileged COM interface does not properly check the permissions of the process making the request. A standard local user...
CVE-2026-20935
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an unauthorized attacker to disclose information locally...
CVE-2026-20938
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
CVE-2026-20938
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
CVE-2026-20876
Heap-based buffer overflow in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...
CVE-2026-20935 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
...
CVE-2026-20935 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
...
CVE-2026-20938
CVE-2026-20938 is a local elevation-of-privilege in Windows VBS Enclave caused by an untrusted pointer dereference. Affected: Windows 11 VBS Enclave implementations. Impact per sources: local privilege escalation with high confidentiality/integrity/availability impact (CVSS 7.8). Remediation: Mic...
CVE-2026-20938 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...
CVE-2026-20876 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...
CVE-2026-20876 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...