2 matches found
CVE-2026-21219
CVE-2026-21219 describes a Use-after-Free in Inbox COM Objects (Global Memory) that allows an unauthenticated attacker to achieve Remote Code Execution by local access. Affected software is the Inbox COM Objects component of Windows apps (notably those handling mail via Outlook/Exchange); the iss...
CVE-2025-47962
CVE-2025-47962 is an elevation-of-privilege vulnerability in Windows SDK caused by improper access control, allowing an authorized local attacker to gain SYSTEM/privilege-level access. A PoC exploit exists in a GitHub repo (CVE-2025-47962-POC) showing local DLL loading and service manipulation (I...