EUVD-2026-22388

Access of resource using incompatible type 'type confusion' in Windows OLE allows an authorized attacker to elevate privileges locally...

PT-2026-32740

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A type confusion issue in Windows OLE allows an authorized attacker to access resources using an incompatible type, which can lead to local privilege escalation. Recommendations At the moment...

CVE-2025-60714

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...

CVE-2025-60714

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...

Exploit for Use After Free in Microsoft

LetsDefend-SOC336-Windows-OLE-Zero-Click-RCE-Exploitation-Dete...

EUVD-2024-28014

Malicious code in bioql PyPI...

EUVD-2024-19084

Malicious code in bioql PyPI...

EUVD-2024-19144

Malicious code in bioql PyPI...

EUVD-2023-39326

Malicious code in bioql PyPI...

EUVD-2024-37125

Malicious code in bioql PyPI...

CVE-2020-1281

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'...

About Remote Code Execution – Windows OLE (CVE-2025-21298) vulnerability

About Remote Code Execution - Windows OLE CVE-2025-21298 vulnerability. The vulnerability is from the January Microsoft Patch Tuesday. OLE Object Linking and Embedding is a technology for linking and embedding objects into other documents and objects, developed by Microsoft. A common use of this...

Exploit for Use After Free in Microsoft

content This is a proof-of-concept for CVE-2025-21298 - Wind...

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability...

CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability

...

CVE-2025-21298

CVE-2025-21298 is a Windows OLE use-after-free memory corruption vulnerability in ole32.dll (UtOlePresStmToContentsStm) that enables remote code execution via specially crafted RTF, including zero-click scenarios when previews are shown in Outlook. The issue arises from a double-free of the CONTE...

Windows OLE Remote Code Execution Vulnerability

...

PT-2025-1193

Name of the Vulnerable Software and Affected Versions Microsoft Outlook versions prior to the fixed version Description The vulnerability is a zero-click remote code execution RCE flaw in Microsoft Outlook, caused by a memory corruption issue in the UtOlePresStmToContentsStm function of the...

KB5039260: Windows Server 2012 Security Update (June 2024)

The remote Windows host is missing security update 5039260. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing MSMQ Remote Code Execution Vulnerability CVE-2024-30080 - DHCP Server Service Denial of Service Vulnerability CVE-2024-30070 - Windows OLE Remote Code...

PT-2024-2288 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an uncontrolled search path element in the Windows OLE mechanism. It allows a remote attacker to execute arbitrary code. There is no information about the estimated...