CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

Packet Storm News•added 2026/05/06 12:0 a.m.•4 views

Agentic Vulnerability Reasoning on Windows COM Binaries

Windows Component Object Model COM services run with elevated privileges and are widely accessible to authenticated users, making race conditions in these binaries a critical surface for local privilege escalation. We present SLYP, an end-to-end agentic pipeline that discovers race condition...

5.7AI score

Exploits0

RedhatCVE•added 2026/04/15 7:22 p.m.•2 views

CVE-2026-20806

Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally...

5.5CVSS5.7AI score0.00121EPSS

Exploits0References1

NVD•added 2026/04/14 6:17 p.m.•0 views

CVE-2026-32162

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally...

8.4CVSS0.00042EPSS

Exploits0References1

CNNVD•added 2026/04/14 12:0 a.m.•3 views

Microsoft Windows COM 安全漏洞

Microsoft Windows COM is a technology developed by Microsoft Corporation in the United States, aimed at software reuse. COM is described as a platform-independent, distributed, object-oriented system used for creating interactive binary software components. There are security vulnerabilities in...

5.5CVSS5.8AI score0.00121EPSS

Exploits0References1

RedhatCVE•added 2025/10/15 5:44 p.m.•1 views

CVE-2025-58725

Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally...

7CVSS7.4AI score0.00045EPSS

Exploits0References1

OSV•added 2025/10/14 5:15 p.m.•0 views

CVE-2025-58725

Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally...

7CVSS6AI score0.00045EPSS

Exploits0References1

NVD•added 2025/10/14 5:15 p.m.•1 views

CVE-2025-58725

Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally...

7CVSS0.00045EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-1322

Malware in sbrugna...

8.8CVSS8.6AI score0.01086EPSS

Exploits2References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-0580

Malware in sbrugna...

7CVSS6.3AI score0.0139EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-2337

Malicious code in bioql PyPI...

6.5CVSS8.9AI score0.00184EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-44278

Malicious code in bioql PyPI...

7.8CVSS8.7AI score0.01737EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-2353

Malicious code in bioql PyPI...

6.5CVSS8.9AI score0.00184EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:7 p.m.•5 views

CVE-2020-0685

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

7.8CVSS6.9AI score0.00397EPSS

Exploits0References1

NVD•added 2025/01/14 6:15 p.m.•11 views

CVE-2025-21288

Windows COM Server Information Disclosure Vulnerability...

6.5CVSS0.00184EPSS

Exploits0References1

OSV•added 2025/01/14 6:15 p.m.•0 views

CVE-2025-21281

Microsoft COM for Windows Elevation of Privilege Vulnerability...

7.8CVSS7.3AI score0.00277EPSS

Exploits0References1

NVD•added 2025/01/14 6:15 p.m.•9 views

CVE-2025-21272

Windows COM Server Information Disclosure Vulnerability...

6.5CVSS0.00184EPSS

Exploits0References1

CVE•added 2025/01/14 6:3 p.m.•81 views

CVE-2025-21288

Technical details about CVE-2025-21288 are not publicly provided in the supplied connected documents; the record notes a Windows COM Server information disclosure vulnerability but lacks specifics on affected products/versions or mitigations. Monitor for official disclosures.

6.5CVSS6.3AI score0.00184EPSS

Exploits0References1Affected Software15

CVE•added 2025/01/14 6:3 p.m.•77 views

CVE-2025-21272

CVE-2025-21272 affects Windows COM, specifically the COM Server component, described as an Information Disclosure vulnerability. The issue is exploitable locally with low privileges and low attack complexity, with confidentiality impact rated High. Connected sources corroborate Windows COM as aff...

6.5CVSS6.3AI score0.00184EPSS

Exploits0References1Affected Software15