2937 matches found
July 14, 2026—KB5099539 (OS Builds 19045.7548 and 19044.7548)
None None...
July 14, 2026—KB5099536 (OS Build 26100.33158)
None None...
PT-2026-58422
Name of the Vulnerable Software and Affected Versions Windows Server Update Service affected versions not specified Description A missing authentication check for a critical function in the Windows Server Update Service allows an authorized attacker to elevate privileges over a network...
Stable Channel Update for Desktop
The Stable channel has been updated to 150.0.7871.124/.125 for Windows and Mac and 150.0.7871.124 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
CVE-2026-58583
CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...
EUVD-2026-42094
FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...
CVE-2026-58583
FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...
PT-2026-56256
Name of the Vulnerable Software and Affected Versions FluxInk Color Management Driver versions 1.0.7.2 through 1.0.7.5 Description The Color Management Driver TcnPeripheral64.sys allows a standard user account to achieve local privilege escalation. This is possible through arbitrary physical memo...
KLA91131 PE vulnerability in Microsoft Server Software
Privilege escalation vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-54998 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Exchange-Online CVE list...
KLA91128 PE vulnerability in Microsoft Apps
Privilege escalation vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-41106 Exploitation Related products Microsoft-365 CVE list CVE-2026-41106 unknown Solution Install necessary updates from the KB section,...
KLA91116 SUI vulnerability in Microsoft Dynamics
A spoofing vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2026-47646 Exploitation CVE list CVE-2026-47646 high KB list Solution Install necessary updates from the KB section, that are listed in your...
KLA91102 PE vulnerability in Microsoft System Center
Privilege escalation vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-50656 Exploitation Public exploits exist for this vulnerability. CVE list CVE-2026-50656 high KB list Solution Install necessary...
June 9, 2026—KB5094128 (OS Build 20348.5256)
None None...
Update Chrome: Google patches actively exploited vulnerability and 73 others
Google has issued updates for the Chrome browser, patching a number of high‑severity vulnerabilities. The update includes fixes for 74 vulnerabilities, including one that is being actively exploited in the wild. The stable channel has been updated to 149.0.7827.102/.103 for Windows/Mac, and...
KB5094126: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (June 2026)
The remote Windows host is missing security update 5094126. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVE-2026-42909, CVE-2026-42913, CVE-2026-42985, CVE-2026-42992,...
CVE-2026-42248
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before stagin...
Your Windows PC has a security deadline in June 2026
A Secure Boot certificate refresh is rolling out across supported Windows devices through Windows Update. In June 2026, the Secure Boot certificates that have shipped inside Windows since 2011 begin to expire, and Microsoft is replacing them with new 2023-dated certificates. The good news: If you...
KLA91072 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in M365 Copilot can be exploited remotely to obta...
KLA91071 OSI vulnerability in Microsoft Device
An information disclosure vulnerability was found in Microsoft Planetary Computer Pro. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-41104 Exploitation CVE list CVE-2026-41104 critical Solution Install necessary updates from the KB...
KLA91063 SB vulnerability in Microsoft Browser
A security feature bypass vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service, bypass security restrictions. Original advisories CVE-2026-45585 Exploitation Public exploits exist for this vulnerability. Related products...