
1659 matches found

EUVD
added 2026/05/20 12:31 a.m. | 6 views

EUVD-2026-31006

Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...

CVSS 6.8 | AI score 5.7 | EPSS 0.00113
Exploits: 2 | References: 2

NVD
added 2026/05/12 6:17 p.m. | 5 views

CVE-2026-35419

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally...

CVSS 5.5 | EPSS 0.00042
Exploits: 0 | References: 1

Tenable Nessus
added 2026/05/11 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017656)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017656 advisory. A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that...

CVSS 6.8 | AI score 6.8 | EPSS 0.01764
Exploits: 0 | References: 4

Packet Storm News
added 2026/05/11 12:0 a.m. | 5 views

OSK ATBroker Registry Security Scanner

This program is a defensive Windows security scanner designed to inspect registry locations related to On-Screen Keyboard osk.exe and Accessibility/ATBroker configuration, which are sometimes abused in privilege escalation or persistence attacks...

AI score 5.8
Exploits: 0

Packet Storm News
added 2026/05/11 12:0 a.m. | 2 views

Windows/x86 (XP SP3) (English) calc.exe Shellcode

15 bytes small Windows/x86 XP SP3 English calc.exe shellcode...

AI score 5.8
Exploits: 0

CVE
added 2026/05/05 7:33 p.m. | 5 views

CVE-2026-34527

CVE-2026-34527 affects Sandboxie-Plus for Windows (versions 1.17.2 and earlier). The vulnerability arises in SbieIniServer::HashPassword, where the high nibble of each SHA-1 digest byte is extracted incorrectly (shifted by 8 instead of 4). This causes the stored EditPassword hash to preserve only...

CVSS 5.3 | AI score 5.7 | EPSS 0.00012
Exploits: 0 | References: 1 | Affected Software: 1

ATTACKERKB
added 2026/04/29 12:0 a.m. | 2 views

CVE-2025-50328

A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web MotW protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate dat...

AI score 6 | EPSS 0.00027
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/23 12:0 a.m. | 0 views

PT-2026-34742

TRC analysis shows attackers exploiting CVE-2026-3893 in Carlson VASCO-B GNSS receivers to gain unauthenticated access, then escalating privileges and moving laterally through manufacturing networks. Runtime segmentation could help contain post-compromise activity in critical infrastructure...

CVSS 9.4 | AI score 5.3 | EPSS 0.00107
Exploits: 0 | References: 6

Packet Storm News
added 2026/04/22 12:0 a.m. | 1 views

ATBroker Registry Security Scanner

This code is a defensive Windows security scanner designed to audit potentially sensitive Registry paths related to ATBroker Accessibility Technology Broker and core system hives. It only checks for the presence of certain registry keys to see if they're protected or accessible...

AI score 5.8
Exploits: 0

Vulnrichment
added 2026/04/14 4:57 p.m. | 1 views

CVE-2026-26152 Microsoft Cryptographic Services Elevation of Privilege Vulnerability

...

CVSS 7 | AI score 5.8 | EPSS 0.00129
Exploits: 0 | References: 1

Microsoft CVE
added 2026/04/14 2:0 p.m. | 1 views

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVSS 7.8 | AI score 6.4 | EPSS 0.00047
Exploits: 0

CNNVD
added 2026/04/14 12:0 a.m. | 2 views

Microsoft Windows Local Security Authority Subsystem Service Security Vulnerability

The Microsoft Windows Local Security Authority Subsystem Service is an internal program of the American company Microsoft, responsible for implementing Windows system security policies. It verifies user identities when a computer or server is logged in, manages user password changes, and generate...

CVSS 6.5 | AI score 5.8 | EPSS 0.00107
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:3 p.m. | 3 views

CVE-2026-23674

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

CVSS 7.5 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 1

Cvelist
added 2026/03/23 9:36 p.m. | 17 views

CVE-2026-32912

...

Exploits: 0

ATTACKERKB
added 2026/03/20 6:19 p.m. | 2 views

CVE-2026-32310

Cryptomator encrypts data being stored on cloud infrastructure. From version 1.6.0 to before version 1.19.1, vault configuration is parsed before its integrity is verified, and the masterkeyfile loader uses the unverified keyId as a filesystem path. The loader resolves keyId.getSchemeSpecificPart...

CVSS 4.1 | AI score 5.8 | EPSS 0.00036
Exploits: 0 | References: 5 | Affected Software: 1

NVD
added 2026/03/10 6:18 p.m. | 1 views

CVE-2026-24297

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network...

CVSS 6.5 | EPSS 0.00036
Exploits: 0 | References: 1

HackRead
added 2026/02/17 4:48 a.m. | 4 views

Hackers Abuse ScreenConnect to Hijack PCs via Fake Social Security Emails

Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations...

AI score 5.5
Exploits: 0

Rapid7 Blog
added 2026/01/28 5:4 p.m. | 10 views

Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility

Introduction If you received an email with the subject “I LOVE YOU” and an attachment called “LOVE-LETTER-FOR-YOU.TXT”, would you open it? Probably not, but back in the year 2000, plenty of people did exactly that. The internet learned a hard lesson about the disproportionate power available to a...

CVSS 7.8 | AI score 6.9 | EPSS 0.79693
Exploits: 5

The Hacker News
added 2026/01/14 9:38 a.m. | 10 views

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities...

CVSS 8.8 | AI score 9.2 | EPSS 0.50931
Exploits: 10

CVE
added 2026/01/13 5:57 p.m. | 12 views

CVE-2026-20871

CVE-2026-20871 refers to a Desktop Window Manager (dwm.exe) use-after-free vulnerability that enables local privilege escalation to SYSTEM. The connected exploit report and advisories describe a DWM-related attack path (Visual‑Field Singularity) affecting the DWM compositor, with PoC/claims of in...

CVSS 7.8 | AI score 6.7 | EPSS 0.00059
Exploits: 2 | References: 1 | Affected Software: 8