Normal view

There are new articles available, click to refresh the page.
Before yesterdayMain stream

Patch Tuesday - June 2026

✇Rapid7 Cybersecurity Blog
By: Adam Barnett
9 June 2026 at 17:04

Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public disclosure for three. This is similar to last month’s Patch Tuesday, however several of last month’s vulnerabilities ended up on CISA KEV in the days following their publication. So far this month, Microsoft has provided patches to address 360 browser vulnerabilities, which is an order of magnitude more than has been typical in any given month over the past few years. As usual, browser vulns are not included in the Patch Tuesday count above. Indeed, the vast, and presumably sustained, uptick in the number of browser vulnerabilities has led to Microsoft no longer enumerating Chromium CVEs in the Security Update Guide. Other vulnerability categories, especially Linux kernel vulnerabilities, are seeing a similar increase in AI-assisted vulnerability reports.

What's the opposite of coordinated disclosure?

In recent weeks, an independent vulnerability researcher going by the pseudonym Nightmare Eclipse has attracted significant attention by publishing details of six Microsoft vulnerabilities, including elevation of privilege vulnerabilities in Defender, and a Secure Boot disk encryption bypass. The researcher provided full proof-of-concept code for some, and provided  significant-but-incomplete detail around the path to exploitation for others. Microsoft has confirmed that these disclosures were not coordinated, and it is clear that the relationship between this researcher and Microsoft is less than cordial. Two of the disclosures emerged in the hours after last month’s Patch Tuesday, which provides maximum visibility, while limiting Microsoft’s ability to respond without out-of-cycle patches.

At time of writing, Microsoft has provided mitigation advice and patches for CVE-2026-33825, CVE-2026-45585, CVE-2026-45498, and CVE-2026-41091, leaving only two elevation of privilege vulnerabilities unpatched, known as MiniPlasma and GreenPlasma. However, a recent blog post by Nightmare Eclipse with the title “7” has been widely interpreted to mean that there is at least one more vulnerability to come. The post contained no content other than an image of Albert Vesker, a character from the Resident Evil video game series who formerly worked as a researcher for a technology corporation before going rogue. Any inference around the possible meaning of the image is left as an exercise for the reader.

Given the timing of last month’s disclosures in the hours following Patch Tuesday, a further high-friction disclosure today would perhaps be unsurprising. Indeed, a new blog post and a new GitHub account from the same researcher have emerged in the hours following Microsoft’s publication of the June 2026 Patch Tuesday updates. The apparent seventh disclosure is nicknamed RoguePlanet, and appears to describe another elevation of privilege to SYSTEM in Defender.

It is not at all difficult to understand why Microsoft and many blue team practitioners are deeply alarmed by the partial or even full disclosure of proof-of-concept code for an ongoing series of vulnerabilities affecting fully-patched Windows systems. However, multiple leading voices in the broader vulnerability disclosure community have expressed concern that Microsoft’s invocation of the Digital Crimes Unit in a May 27, 2026 blog post may yet prove counterproductive, especially if it causes other researchers to back away from mutually beneficial engagements with MSRC. A few days later, MSRC issued a further statement clarifying that they have no intention of pursuing action against security researchers, but only those who break the law or engage in malicious activity causing real harm. For now, one safe conclusion is that this unusually sensational Microsoft vulnerability management story arc is far from over.

HTTP/2: denial of service

Every so often, a new round of denial of service vulnerabilities emerge which affect web servers implementing HTTP/2 and HTTP/3 standards. This class of vulnerabilities is likely to expand further as researchers, including the discoverers of CVE-2026-49160, use advances in LLM capability to probe not just specific software, but also the standards on which software rests. Microsoft warns that exploitation leads to uncontrolled resource consumption over a network, and expects that exploitation is more likely. The advisory credits both a third-party research firm and OpenAI’s Codex.

Microsoft has not yet directly addressed another HTTP/2 vulnerability which allows trivial denial-of-service against the default HTTP/2 configuration of multiple web server platforms, including Microsoft IIS. CVE-2026-49975, also known as HTTP/2 Bomb, became public knowledge a week ago. This denial of service works by exhausting memory on the target server, and unlike a distributed denial of service attack, there is no requirement that an attacker control a large amount of bandwidth. Patches are available for NGINX and Apache, with IIS presumably to follow at some point. If practically possible, disabling HTTP/2 is a valid mitigation.

PowerToys: SYSTEM EoP

The Microsoft PowerToys utility provides a wide variety of useful control and configuration options for Windows power users which aren’t otherwise easily accessible. It turns out that PowerToys also offers an undocumented extra: local elevation of privilege to SYSTEM via successful exploitation of CVE-2026-42902. It is worth noting that the fix was included in PowerToys v0.99.1 on April 29, 2026, without any apparent mention in the release notes. Attackers with patch-diffing toolkits may well take note of this discrepancy.

Microsoft lifecycle update

There are no significant Microsoft product lifecycle changes this month. SQL Server 2016 moves beyond regular extended support and into the pay-to-play Extended Security Updates (ESU) phase after July 14, 2026. On that same date, SharePoint 2016 and 2019 will also move past extended support, but since there’s no ESU available, the only remaining option for fully-supported self-hosted SharePoint after the middle of next month will be SharePoint Subscription Edition.

Summary charts

2026-06-vuln_count_impact.png

2026-06-vuln_count_component.png

2026-06-vuln_count_impact-component-heatmap.png

Vulnerabilities by Product Family

Apps vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-45650

Microsoft Bing Search Spoofing Vulnerability

Exploitation Less Likely

No

4.3

CVE-2026-49161

Microsoft PC Manager Security Feature Bypass Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42902

Microsoft PowerToys Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45649

Office for Android Spoofing Vulnerability

Exploitation Unlikely

No

7.1

CVE-2026-44803

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-44812

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

Azure vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32193

Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-47643

Azure Stack Edge Remote Code Execution Vulnerability

Exploitation Unlikely

No

9.8

CVE-2026-41098

Azure Stack Edge Spoofing Vulnerability

Exploitation Less Likely

No

8.4

Developer Tools vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-45490

.NET SDK Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45491

.NET Tampering Vulnerability

Exploitation Unlikely

No

6.2

CVE-2026-45591

ASP.NET Core Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45644

Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.0

CVE-2026-45482

Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-40376

Visual Studio Code Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-47281

Visual Studio Code Elevation of Privilege Vulnerability

Exploitation Unlikely

No

9.6

CVE-2026-47284

Visual Studio Code Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-47292

Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-48569

Visual Studio Code Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.1

CVE-2026-47287

Visual Studio Code Tampering Vulnerability

Exploitation Less Likely

No

6.5

ESU vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2025-10263

ARM: CVE-2025-10263 Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel]

Exploitation Less Likely

No

9.3

CVE-2026-44815

DHCP Client Service Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-49160

HTTP.sys Denial of Service Vulnerability

Exploitation More Likely

Yes

7.5

CVE-2026-47291

HTTP.sys Remote Code Execution Vulnerability

Exploitation More Likely

No

9.8

CVE-2026-45642

Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability

Exploitation Less Likely

No

3.9

CVE-2026-45637

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45504

Microsoft Exchange Server Elevation of Privilege Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-45502

Microsoft Exchange Server Information Disclosure Vulnerability

Exploitation Unlikely

No

5.0

CVE-2026-45503

Microsoft Exchange Server Information Disclosure Vulnerability

Exploitation Unlikely

No

8.1

CVE-2026-45583

Microsoft Exchange Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45500

Microsoft Exchange Server Spoofing Vulnerability

Exploitation Less Likely

No

6.1

CVE-2026-45501

Microsoft Exchange Server Spoofing Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-47631

Microsoft Exchange Server Spoofing Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-42986

Microsoft Graphics Component Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-41092

Microsoft Kinect Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45606

Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42980

NT OS Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-42916

NT OS Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-47289

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-47653

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-48563

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-42909

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-42992

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-44799

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-44801

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-42985

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation More Likely

No

8.8

CVE-2026-42993

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45588

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48568

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48570

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48573

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48575

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48576

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48578

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-45656

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-8863

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34335

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-45601

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45598

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45596

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45638

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45603

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-42911

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45594

Windows Application Identity (AppID) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45655

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-45658

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-50507

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

Yes

6.8

CVE-2026-45640

Windows Bluetooth Port Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45605

Windows Bluetooth Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-47656

Windows Boot Manager Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-45586

Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability

Exploitation More Likely

Yes

7.8

CVE-2026-42987

Windows Deployment Services (WDS) Remote Code Execution

Exploitation Less Likely

No

8.1

CVE-2026-33828

Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-45634

Windows DHCP Client Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-45608

Windows DHCP Client Information Disclosure Vulnerability

Exploitation Unlikely

No

6.8

CVE-2026-41108

Windows DNS Client Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-42905

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-42983

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44802

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45602

Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability

Exploitation Less Likely

No

9.1

CVE-2026-42836

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-44803

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-44812

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-42972

Windows Hyper-V Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45607

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45641

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45592

Windows Internet (wininet.dll) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42903

Windows Kerberos Denial of Service Vulnerability

Exploitation Unlikely

No

6.5

CVE-2026-42914

Windows Kerberos Denial of Service Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-47288

Windows Kerberos Key Distribution Center (KDC) Remote Code Execution

Exploitation Unlikely

No

7.1

CVE-2026-48583

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45653

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-42984

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-45595

Windows Mark of the Web Security Feature Bypass Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-48574

Windows Media Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45636

Windows NTFS Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-50508

Windows NTLM Spoofing Vulnerability

Exploitation More Likely

No

6.5

CVE-2026-45487

Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42828

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42837

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42969

Windows Push Notification Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-42971

Windows Push Notification Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42970

Windows Push Notification Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42973

Windows Push Notification Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42978

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42977

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42979

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42991

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-45639

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-42908

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45593

Windows SDK Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42906

Windows Shell Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42907

Windows Shell Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-47648

Windows Storage Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-42915

Windows TCP/IP Denial of Service Vulnerability

Exploitation Less Likely

No

5.7

CVE-2026-42904

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Unlikely

No

9.6

CVE-2026-42968

Windows Telephony Server Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42912

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-40409

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40404

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45599

Windows UPnP Device Host Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-45635

Windows UPnP Device Host Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-42989

Winlogon Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

Mariner vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-40930

LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body

n/a

No

5.4

Microsoft Dynamics vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-40371

Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

Microsoft Office vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-44822

Microsoft Excel Information Disclosure Vulnerability

Exploitation Unlikely

No

8.2

CVE-2026-45455

Microsoft Excel Information Disclosure Vulnerability

Exploitation Less Likely

No

3.3

CVE-2026-45469

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44817

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-44818

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-44820

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44823

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45459

Microsoft Excel Security Feature Bypass Vulnerability

Exploitation Less Likely

No

3.3

CVE-2026-47293

Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45485

Microsoft Office Information Disclosure Vulnerability

Exploitation Less Likely

No

3.3

CVE-2026-44821

Microsoft Office Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45460

Microsoft Office Information Disclosure Vulnerability

Exploitation Unlikely

No

4.7

CVE-2026-45483

Microsoft Office Project Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-45475

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45472

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45474

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-44819

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44824

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45461

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45645

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45463

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45456

Microsoft Outlook and Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45458

Microsoft Outlook and Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-47635

Microsoft Outlook and Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45484

Microsoft SharePoint Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-45454

Microsoft SharePoint Remote Code Execution Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-47298

Microsoft SharePoint Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.0

CVE-2026-45467

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-45468

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-45479

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-45453

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-47636

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-47637

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-47638

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-47639

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Unlikely

No

5.4

CVE-2026-47641

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-33113

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-45462

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-45464

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-45465

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-47634

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation More Likely

No

7.3

CVE-2026-47640

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Unlikely

No

4.6

CVE-2026-45481

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation More Likely

No

7.3

CVE-2026-48560

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-48562

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-42835

Microsoft Teams for Android Information Disclosure Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-45466

Microsoft Word Information Disclosure Vulnerability

Exploitation Unlikely

No

3.3

CVE-2026-45471

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45486

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45643

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45457

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45649

Office for Android Spoofing Vulnerability

Exploitation Unlikely

No

7.1

CVE-2026-44803

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-44812

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

Open Source Software vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-11463

USCiLab Cereal Shared Pointer type confusion

n/a

No

7.3

CVE-2026-49975

Apache HTTP Server: mod_http2 denial of service

n/a

No

7.5

CVE-2026-50265

Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292

n/a

No

5.3

CVE-2026-40930

LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body

n/a

No

5.4

CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders

n/a

No

8.6

CVE-2026-50261

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()

n/a

No

7.8

CVE-2026-50256

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch

n/a

No

7.8

CVE-2026-50262

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds read/write in glx changedrawableattributes

n/a

No

5.5

CVE-2026-50260

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()

n/a

No

6.6

CVE-2026-50259

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexing

n/a

No

7.8

CVE-2026-50257

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence()

n/a

No

6.6

CVE-2026-50258

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels

n/a

No

7.8

CVE-2026-50263

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()

n/a

No

5.5

Other vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-45476

Microsoft Azure Network Adapter Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.2

CVE-2026-26142

Nuance PowerScribe Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

Server Software vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-45504

Microsoft Exchange Server Elevation of Privilege Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-45502

Microsoft Exchange Server Information Disclosure Vulnerability

Exploitation Unlikely

No

5.0

CVE-2026-45503

Microsoft Exchange Server Information Disclosure Vulnerability

Exploitation Unlikely

No

8.1

CVE-2026-45583

Microsoft Exchange Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45500

Microsoft Exchange Server Spoofing Vulnerability

Exploitation Less Likely

No

6.1

CVE-2026-45501

Microsoft Exchange Server Spoofing Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-47631

Microsoft Exchange Server Spoofing Vulnerability

Exploitation Less Likely

No

8.1

System Center vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-45647

Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability

Exploitation Less Likely

No

5.5

Windows vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2025-10263

ARM: CVE-2025-10263 Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel]

Exploitation Less Likely

No

9.3

CVE-2026-44815

DHCP Client Service Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-49160

HTTP.sys Denial of Service Vulnerability

Exploitation More Likely

Yes

7.5

CVE-2026-47291

HTTP.sys Remote Code Execution Vulnerability

Exploitation More Likely

No

9.8

CVE-2026-45642

Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability

Exploitation Less Likely

No

3.9

CVE-2026-44810

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45637

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42986

Microsoft Graphics Component Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-41092

Microsoft Kinect Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45606

Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42980

NT OS Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-42916

NT OS Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-47289

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-47653

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-47654

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-48563

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-42909

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-42913

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-42992

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-44799

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-44801

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-42985

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation More Likely

No

8.8

CVE-2026-42993

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45588

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48568

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48570

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48573

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48575

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48576

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-48578

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-45654

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-45656

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-8863

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45648

Windows Active Directory Domain Services Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-42829

Windows Administrator Protection Secure Feature Bypass Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34335

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-45601

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45598

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45596

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45638

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45603

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-42911

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45594

Windows Application Identity (AppID) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45655

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-45658

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-50507

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

Yes

6.8

CVE-2026-45640

Windows Bluetooth Port Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45605

Windows Bluetooth Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-47656

Windows Boot Manager Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.9

CVE-2026-45586

Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability

Exploitation More Likely

Yes

7.8

CVE-2026-44809

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42987

Windows Deployment Services (WDS) Remote Code Execution

Exploitation Less Likely

No

8.1

CVE-2026-33828

Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-45634

Windows DHCP Client Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-45608

Windows DHCP Client Information Disclosure Vulnerability

Exploitation Unlikely

No

6.8

CVE-2026-41108

Windows DNS Client Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-42905

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-44811

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44808

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44807

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42983

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44802

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44813

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44804

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-48566

Windows DWM Core Library Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-44814

Windows DWM Core Library Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45602

Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability

Exploitation Less Likely

No

9.1

CVE-2026-42836

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-44803

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-44812

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-42910

Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42972

Windows Hyper-V Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45607

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-45641

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-47652

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.2

CVE-2026-45592

Windows Internet (wininet.dll) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42903

Windows Kerberos Denial of Service Vulnerability

Exploitation Unlikely

No

6.5

CVE-2026-42914

Windows Kerberos Denial of Service Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-47288

Windows Kerberos Key Distribution Center (KDC) Remote Code Execution

Exploitation Unlikely

No

7.1

CVE-2026-48583

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45653

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-42984

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-45657

Windows Kernel Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-45600

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-45604

Windows Managed Installer Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-45595

Windows Mark of the Web Security Feature Bypass Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-48574

Windows Media Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-48565

Windows Narrator Braille Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-44805

Windows Network Controller (NC) Host Agent Denial of Service Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-45636

Windows NTFS Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-50508

Windows NTLM Spoofing Vulnerability

Exploitation More Likely

No

6.5

CVE-2026-42981

Windows Performance Monitor Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-42974

Windows Performance Monitor Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-45487

Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42828

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42837

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42969

Windows Push Notification Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-42971

Windows Push Notification Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42970

Windows Push Notification Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42973

Windows Push Notification Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42978

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42977

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42979

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-42991

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-45639

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-42908

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-45593

Windows SDK Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42906

Windows Shell Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42907

Windows Shell Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-47648

Windows Storage Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-42915

Windows TCP/IP Denial of Service Vulnerability

Exploitation Less Likely

No

5.7

CVE-2026-42904

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Unlikely

No

9.6

CVE-2026-42968

Windows Telephony Server Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-42912

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-45597

Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-40409

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40404

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-45599

Windows UPnP Device Host Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-45635

Windows UPnP Device Host Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-42989

Winlogon Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8


Zero-Day Vulnerabilities: Publicly Disclosed (No known exploitation)

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-49160

HTTP.sys Denial of Service Vulnerability

Exploitation More Likely

Yes

7.5

CVE-2026-50507

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

Yes

6.8

CVE-2026-45586

Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability

Exploitation More Likely

Yes

7.8

Critical RCEs

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2025-10263

ARM: CVE-2025-10263 Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel]

Exploitation Less Likely

No

9.3

CVE-2026-47643

Azure Stack Edge Remote Code Execution Vulnerability

Exploitation Unlikely

No

9.8

CVE-2026-44815

DHCP Client Service Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-47291

HTTP.sys Remote Code Execution Vulnerability

Exploitation More Likely

No

9.8

CVE-2026-26142

Nuance PowerScribe Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-47281

Visual Studio Code Elevation of Privilege Vulnerability

Exploitation Unlikely

No

9.6

CVE-2026-45602

Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability

Exploitation Less Likely

No

9.1

CVE-2026-45657

Windows Kernel Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-42904

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Unlikely

No

9.6

Patch Tuesday - May 2026

✇Rapid7 Cybersecurity Blog
By: Adam Barnett
12 May 2026 at 20:22

Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above.

Windows Netlogon: critical RCE

Anyone responsible for securing a domain controller should prioritize remediation of CVE-2026-41089, which is a critical stack-based buffer overflow in Windows Netlogon with a CVSS v3 base score of 9.8. Exploitation leads to execution in the context of the Netlogon service, so that’s SYSTEM privileges on the domain controller. For most pentesters, that’s the point at which the customer report more or less writes itself. No privileges or user interaction are required, and attack complexity is low, which suggests that creation of a reliable exploit might not be especially difficult for anyone with knowledge of the specific mechanism.

Microsoft assesses exploitation as less likely, but since those exploitability assessments are provided without an accompanying explanation, it’s not clear how much reassurance defenders should take. Anyone who remembers the much-discussed CVE-2020-1472 (aka ZeroLogon) back in 2020 will note that CVE-2026-41089 offers an attacker more immediate control of a domain controller. Patches are available for all versions of Windows Server from 2012 onwards.

Windows DNS Client: critical RCE

An attacker looking for a master key for Windows assets will pay attention to CVE-2026-41096, a critical RCE in the Windows DNS client implementation. A modern computer talks to DNS the way a child in the back of a car asks “are we there yet?” The variable and complex structure of DNS responses means that DNS client implementations are also complex and thus prone to flaws. Microsoft assesses exploitation as less likely, and we can hope that modern mitigations such as heap address randomization and optional-but-recommended encrypted channel DNS will make weaponization significantly more challenging by putting barriers across specific paths to exploitation. The DNS client on Windows runs as the NetworkService role, rather than SYSTEM, but a foothold is a foothold, and skilled attackers expect to chain exploits together.

JIRA/Confluence Entra ID auth plugin: critical EoP

If you’re still self-hosting Atlassian JIRA or Confluence and relying on the Microsoft Entra ID authentication plugin, you’ll want to know about CVE-2026-41103. This critical elevation of privilege vulnerability allows an unauthorized attacker to impersonate an existing user by presenting forged credentials, thus bypassing Entra ID. Microsoft expects that exploitation is more likely. Even if you can’t always find what you want on the corporate Confluence, a motivated attacker probably will. Curiously, the patch links on the advisory lead to older versions of the plugins published in 2024.

Microsoft WARP team

Microsoft’s WARP team is credited with multiple critical vulnerabilities today, after making their first appearance in MSRC advisory acknowledgements in last month’s Patch Tuesday. We can speculate that they likely know a great deal about the current state of AI-powered vulnerability research as it applies to Microsoft products.

Microsoft lifecycle update

There are no significant Microsoft product lifecycle changes this month. Microsoft .NET 9 STS (Standard Term Support, as distinct from Long Term Support) was originally scheduled to move past the end of support in May 2026, but late last year, Microsoft granted a six-month extension, so that .NET 9 STS now reaches end of support on November 10, 2026.

Summary charts

A bar chart showing vulnerability count by impact for Microsoft Patch Tuesday 2026-May
A bar chart showing vulnerability count by impact for Microsoft Patch Tuesday 2026-May

A heatmap showing distribution of impact type by component for Microsoft Patch Tuesday 2026-May

Summary tables

Apps vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26129

M365 Copilot Information Disclosure Vulnerability

N/A

No

7.5

CVE-2026-26164

M365 Copilot Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-41614

M365 Copilot for Desktop Spoofing Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-41100

Microsoft 365 Copilot for Android Spoofing Vulnerability

Exploitation Unlikely

No

4.4

CVE-2026-42832

Microsoft Office Spoofing Vulnerability

Exploitation Unlikely

No

7.7

CVE-2026-41101

Microsoft Word for Android Spoofing Vulnerability

Exploitation Unlikely

No

7.1

Azure vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-35435

Azure AI Foundry Elevation of Privilege Vulnerability

Exploitation More Likely

No

8.6

CVE-2026-35428

Azure Cloud Shell Spoofing Vulnerability

N/A

No

9.6

CVE-2026-32207

Azure Machine Learning Notebook Spoofing Vulnerability

n/a

No

8.8

CVE-2026-33109

Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability

N/A

No

9.9

CVE-2026-33844

Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability

N/A

No

9.0

CVE-2026-41105

Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability

N/A

No

8.1

CVE-2026-40379

Microsoft Enterprise Security Token Service (ESTS) Spoofing Vulnerability

N/A

No

9.3

CVE-2026-34327

Microsoft Partner Center Spoofing Vulnerability

N/A

No

8.2

CVE-2026-40381

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42823

Azure Logic Apps Elevation of Privilege Vulnerability

Exploitation Less Likely

No

9.9

CVE-2026-33833

Azure Machine Learning Notebook Spoofing Vulnerability

Exploitation Less Likely

No

8.2

CVE-2026-32204

Azure Monitor Agent Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42830

Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-33117

Azure SDK for Java Security Feature Bypass Vulnerability

Exploitation Unlikely

No

9.1

CVE-2026-41103

Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

Exploitation More Likely

No

9.1

CVE-2026-41086

Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

Browser vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-7898

Chromium: CVE-2026-7898 Use after free in Chromoting

n/a

No

CVE-2026-7899

Chromium: CVE-2026-7899 Out of bounds read and write in V8

n/a

No

CVE-2026-7900

Chromium: CVE-2026-7900 Heap buffer overflow in ANGLE

n/a

No

CVE-2026-7901

Chromium: CVE-2026-7901 Use after free in ANGLE

n/a

No

CVE-2026-7902

Chromium: CVE-2026-7902 Out of bounds memory access in V8

n/a

No

CVE-2026-7903

Chromium: CVE-2026-7903 Integer overflow in ANGLE

n/a

No

CVE-2026-7904

Chromium: CVE-2026-7904 Out of bounds read in Fonts

n/a

No

CVE-2026-7906

Chromium: CVE-2026-7906 Use after free in SVG

n/a

No

CVE-2026-7907

Chromium: CVE-2026-7907 Use after free in DOM

n/a

No

CVE-2026-7908

Chromium: CVE-2026-7908 Use after free in Fullscreen

n/a

No

CVE-2026-7909

Chromium: CVE-2026-7909 Inappropriate implementation in ServiceWorker

n/a

No

CVE-2026-7910

Chromium: CVE-2026-7910 Use after free in Views

n/a

No

CVE-2026-7911

Chromium: CVE-2026-7911 Use after free in Aura

n/a

No

CVE-2026-7914

Chromium: CVE-2026-7914 Type Confusion in Accessibility

n/a

No

CVE-2026-7916

Chromium: CVE-2026-7916 Insufficient data validation in InterestGroups

n/a

No

CVE-2026-7917

Chromium: CVE-2026-7917 Use after free in Fullscreen

n/a

No

CVE-2026-7918

Chromium: CVE-2026-7918 Use after free in GPU

n/a

No

CVE-2026-7919

Chromium: CVE-2026-7919 Use after free in Aura

n/a

No

CVE-2026-7920

Chromium: CVE-2026-7920 Use after free in Skia

n/a

No

CVE-2026-7921

Chromium: CVE-2026-7921 Use after free in Passwords

n/a

No

CVE-2026-7922

Chromium: CVE-2026-7922 Use after free in ServiceWorker

n/a

No

CVE-2026-7923

Chromium: CVE-2026-7923 Out of bounds write in Skia

n/a

No

CVE-2026-7924

Chromium: CVE-2026-7924 Uninitialized Use in Dawn

n/a

No

CVE-2026-7925

Chromium: CVE-2026-7925 Use after free in Chromoting

n/a

No

CVE-2026-7926

Chromium: CVE-2026-7926 Use after free in PresentationAPI

n/a

No

CVE-2026-7927

Chromium: CVE-2026-7927 Type Confusion in Runtime

n/a

No

CVE-2026-7928

Chromium: CVE-2026-7928 Use after free in WebRTC

n/a

No

CVE-2026-7929

Chromium: CVE-2026-7929 Use after free in MediaRecording

n/a

No

CVE-2026-7930

Chromium: CVE-2026-7930 Insufficient validation of untrusted input in Cookies

n/a

No

CVE-2026-7932

Chromium: CVE-2026-7932 Insufficient policy enforcement in Downloads

n/a

No

CVE-2026-7933

Chromium: CVE-2026-7933 Out of bounds read in WebCodecs

n/a

No

CVE-2026-7934

Chromium: CVE-2026-7934 Insufficient validation of untrusted input in Popup Blocker

n/a

No

CVE-2026-7935

Chromium: CVE-2026-7935 Inappropriate implementation in Speech

n/a

No

CVE-2026-7936

Chromium: CVE-2026-7936 Object lifecycle issue in V8

n/a

No

CVE-2026-7937

Chromium: CVE-2026-7937 Insufficient policy enforcement in DevTools

n/a

No

CVE-2026-7938

Chromium: CVE-2026-7938 Use after free in CSS

n/a

No

CVE-2026-7939

Chromium: CVE-2026-7939 Inappropriate implementation in SanitizerAPI

n/a

No

CVE-2026-7940

Chromium: CVE-2026-7940 Use after free in V8

n/a

No

CVE-2026-7942

Chromium: CVE-2026-7942 Integer overflow in ANGLE

n/a

No

CVE-2026-7943

Chromium: CVE-2026-7943 Insufficient validation of untrusted input in ANGLE

n/a

No

CVE-2026-7944

Chromium: CVE-2026-7944 Insufficient validation of untrusted input in Persistent Cache

n/a

No

CVE-2026-7945

Chromium: CVE-2026-7945 Insufficient validation of untrusted input in COOP

n/a

No

CVE-2026-7946

Chromium: CVE-2026-7946 Insufficient policy enforcement in WebUI

n/a

No

CVE-2026-7947

Chromium: CVE-2026-7947 Insufficient validation of untrusted input in Network

n/a

No

CVE-2026-7948

Chromium: CVE-2026-7948 Race in Chromoting

n/a

No

CVE-2026-7949

Chromium: CVE-2026-7949 Out of bounds read in Skia

n/a

No

CVE-2026-7950

Chromium: CVE-2026-7950 Out of bounds read and write in GFX

n/a

No

CVE-2026-7951

Chromium: CVE-2026-7951 Out of bounds write in WebRTC

n/a

No

CVE-2026-7952

Chromium: CVE-2026-7952 Insufficient policy enforcement in Extensions

n/a

No

CVE-2026-7953

Chromium: CVE-2026-7953 Insufficient validation of untrusted input in Omnibox

n/a

No

CVE-2026-7954

Chromium: CVE-2026-7954 Race in Shared Storage

n/a

No

CVE-2026-7955

Chromium: CVE-2026-7955 Uninitialized Use in GPU

n/a

No

CVE-2026-7956

Chromium: CVE-2026-7956 Use after free in Navigation

n/a

No

CVE-2026-7957

Chromium: CVE-2026-7957 Out of bounds write in Media

n/a

No

CVE-2026-7958

Chromium: CVE-2026-7958 Inappropriate implementation in ServiceWorker

n/a

No

CVE-2026-7959

Chromium: CVE-2026-7959 Inappropriate implementation in Navigation

n/a

No

CVE-2026-7960

Chromium: CVE-2026-7960 Race in Speech

n/a

No

CVE-2026-7961

Chromium: CVE-2026-7961 Insufficient validation of untrusted input in Permissions

n/a

No

CVE-2026-7962

Chromium: CVE-2026-7962 Insufficient policy enforcement in DirectSockets

n/a

No

CVE-2026-7963

Chromium: CVE-2026-7963 Inappropriate implementation in ServiceWorker

n/a

No

CVE-2026-7964

Chromium: CVE-2026-7964 Insufficient validation of untrusted input in FileSystem

n/a

No

CVE-2026-7965

Chromium: CVE-2026-7965 Insufficient validation of untrusted input in DevTools

n/a

No

CVE-2026-7966

Chromium: CVE-2026-7966 Insufficient validation of untrusted input in SiteIsolation

n/a

No

CVE-2026-7967

Chromium: CVE-2026-7967 Insufficient validation of untrusted input in Navigation

n/a

No

CVE-2026-7968

Chromium: CVE-2026-7968 Insufficient validation of untrusted input in CORS

n/a

No

CVE-2026-7969

Chromium: CVE-2026-7969 Integer overflow in Network

n/a

No

CVE-2026-7970

Chromium: CVE-2026-7970 Use after free in TopChrome

n/a

No

CVE-2026-7971

Chromium: CVE-2026-7971 Inappropriate implementation in ORB

n/a

No

CVE-2026-7972

Chromium: CVE-2026-7972 Uninitialized Use in GPU

n/a

No

CVE-2026-7973

Chromium: CVE-2026-7973 Integer overflow in Dawn

n/a

No

CVE-2026-7974

Chromium: CVE-2026-7974 Use after free in Blink

n/a

No

CVE-2026-7975

Chromium: CVE-2026-7975 Use after free in DevTools

n/a

No

CVE-2026-7976

Chromium: CVE-2026-7976 Use after free in Views

n/a

No

CVE-2026-7977

Chromium: CVE-2026-7977 Inappropriate implementation in Canvas

n/a

No

CVE-2026-7978

Chromium: CVE-2026-7978 Inappropriate implementation in Companion

n/a

No

CVE-2026-7979

Chromium: CVE-2026-7979 Inappropriate implementation in Media

n/a

No

CVE-2026-7980

Chromium: CVE-2026-7980 Use after free in WebAudio

n/a

No

CVE-2026-7981

Chromium: CVE-2026-7981 Out of bounds read in Codecs

n/a

No

CVE-2026-7982

Chromium: CVE-2026-7982 Uninitialized Use in WebCodecs

n/a

No

CVE-2026-7983

Chromium: CVE-2026-7983 Out of bounds read in Dawn

n/a

No

CVE-2026-7984

Chromium: CVE-2026-7984 Use after free in ReadingMode

n/a

No

CVE-2026-7985

Chromium: CVE-2026-7985 Use after free in GPU

n/a

No

CVE-2026-7986

Chromium: CVE-2026-7986 Insufficient policy enforcement in Autofill

n/a

No

CVE-2026-7987

Chromium: CVE-2026-7987 Use after free in WebRTC

n/a

No

CVE-2026-7988

Chromium: CVE-2026-7988 Type Confusion in WebRTC

n/a

No

CVE-2026-7989

Chromium: CVE-2026-7989 Insufficient data validation in DataTransfer

n/a

No

CVE-2026-7990

Chromium: CVE-2026-7990 Insufficient validation of untrusted input in Updater

n/a

No

CVE-2026-7991

Chromium: CVE-2026-7991 Use after free in UI

n/a

No

CVE-2026-7992

Chromium: CVE-2026-7992 Insufficient validation of untrusted input in UI

n/a

No

CVE-2026-7994

Chromium: CVE-2026-7994 Inappropriate implementation in Chromoting

n/a

No

CVE-2026-7995

Chromium: CVE-2026-7995 Out of bounds read in AdFilter

n/a

No

CVE-2026-7996

Chromium: CVE-2026-7996 Insufficient validation of untrusted input in SSL

n/a

No

CVE-2026-7997

Chromium: CVE-2026-7997 Insufficient validation of untrusted input in Updater

n/a

No

CVE-2026-7998

Chromium: CVE-2026-7998 Insufficient validation of untrusted input in Dialog

n/a

No

CVE-2026-7999

Chromium: CVE-2026-7999 Inappropriate implementation in V8

n/a

No

CVE-2026-8000

Chromium: CVE-2026-8000 Insufficient validation of untrusted input in ChromeDriver

n/a

No

CVE-2026-8001

Chromium: CVE-2026-8001 Use after free in Printing

n/a

No

CVE-2026-8002

Chromium: CVE-2026-8002 Use after free in Audio

n/a

No

CVE-2026-8003

Chromium: CVE-2026-8003 Insufficient validation of untrusted input in TabGroups

n/a

No

CVE-2026-8004

Chromium: CVE-2026-8004 Insufficient policy enforcement in DevTools

n/a

No

CVE-2026-8005

Chromium: CVE-2026-8005 Insufficient validation of untrusted input in Cast

n/a

No

CVE-2026-8006

Chromium: CVE-2026-8006 Insufficient policy enforcement in DevTools

n/a

No

CVE-2026-8007

Chromium: CVE-2026-8007 Insufficient validation of untrusted input in Cast

n/a

No

CVE-2026-8008

Chromium: CVE-2026-8008 Inappropriate implementation in DevTools

n/a

No

CVE-2026-8009

Chromium: CVE-2026-8009 Inappropriate implementation in Cast

n/a

No

CVE-2026-8010

Chromium: CVE-2026-8010 Insufficient validation of untrusted input in SiteIsolation

n/a

No

CVE-2026-8011

Chromium: CVE-2026-8011 Insufficient policy enforcement in Search

n/a

No

CVE-2026-8012

Chromium: CVE-2026-8012 Inappropriate implementation in MHTML

n/a

No

CVE-2026-8013

Chromium: CVE-2026-8013 Insufficient validation of untrusted input in FedCM

n/a

No

CVE-2026-8014

Chromium: CVE-2026-8014 Inappropriate implementation in Preload

n/a

No

CVE-2026-8015

Chromium: CVE-2026-8015 Inappropriate implementation in Media

n/a

No

CVE-2026-8016

Chromium: CVE-2026-8016 Use after free in WebRTC

n/a

No

CVE-2026-8017

Chromium: CVE-2026-8017 Side-channel information leakage in Media

n/a

No

CVE-2026-8018

Chromium: CVE-2026-8018 Insufficient policy enforcement in DevTools

n/a

No

CVE-2026-8019

Chromium: CVE-2026-8019 Insufficient policy enforcement in WebApp

n/a

No

CVE-2026-8021

Chromium: CVE-2026-8021 Script injection in UI

n/a

No

CVE-2026-8022

Chromium: CVE-2026-8022 Inappropriate implementation in MHTML

n/a

No

CVE-2026-33111

Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-7896

Chromium: CVE-2026-7896 Integer overflow in Blink

n/a

No

CVE-2026-7897

Chromium: CVE-2026-7897 Use after free in Mobile

n/a

No

CVE-2026-7905

Chromium: CVE-2026-7905 Insufficient validation of untrusted input in Media

n/a

No

CVE-2026-7912

Chromium: CVE-2026-7912 Integer overflow in GPU

n/a

No

CVE-2026-7913

Chromium: CVE-2026-7913 Insufficient policy enforcement in DevTools

n/a

No

CVE-2026-7915

Chromium: CVE-2026-7915 Insufficient data validation in DevTools

n/a

No

CVE-2026-7931

Chromium: CVE-2026-7931 Insufficient validation of untrusted input in iOS

n/a

No

CVE-2026-7941

Chromium: CVE-2026-7941 Insufficient validation of untrusted input in Mobile

n/a

No

CVE-2026-7993

Chromium: CVE-2026-7993 Insufficient validation of untrusted input in Payments

n/a

No

CVE-2026-8020

Chromium: CVE-2026-8020 Uninitialized Use in GPU

n/a

No

CVE-2026-42838

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

5.4

CVE-2026-42891

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Exploitation Unlikely

No

6.5

CVE-2026-35429

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Exploitation Unlikely

No

4.3

CVE-2026-40416

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

Exploitation Unlikely

No

4.3

CVE-2026-41107

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Exploitation Less Likely

No

7.4

Developer Tools vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-42826

Azure DevOps Information Disclosure Vulnerability

N/A

No

10.0

CVE-2026-32175

.NET Core Tampering Vulnerability

Exploitation Less Likely

No

4.3

CVE-2026-32177

.NET Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.3

CVE-2026-35433

.NET Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.3

CVE-2026-42899

ASP.NET Core Denial of Service Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-41109

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-41094

Microsoft Data Formulator Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-41613

Visual Studio Code Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-41612

Visual Studio Code Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-41611

Visual Studio Code Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-41610

Visual Studio Code Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.3

ESU vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2025-54518

AMD: CVE-2025-54518 CPU OP Cache Corruption

Exploitation Unlikely

No

CVE-2026-41095

Data Deduplication Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-35424

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-40377

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34329

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-41097

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-33839

Win32k Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-34330

Win32k Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-34331

Win32k Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-35423

Windows 11 Telnet Client Information Disclosure Vulnerability

Exploitation Unlikely

No

5.4

CVE-2026-34344

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34345

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-35416

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-41088

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-34343

Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-35418

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-33835

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-34337

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40407

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-40397

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-34336

Windows DWM Core Library Information Disclosure Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-33834

Windows Event Logging Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32209

Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability

Exploitation Unlikely

No

4.4

CVE-2026-35421

Windows GDI Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-40403

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-33841

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-35420

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34339

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-34341

Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33838

Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32161

Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-41089

Windows Netlogon Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-34342

Windows Print Spooler Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-34340

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-40398

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-21530

Windows Rich Text Edit Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-32170

Windows Rich Text Edit Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-40410

Windows SMB Client Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-35415

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40414

Windows TCP/IP Denial of Service Vulnerability

Exploitation Unlikely

No

7.4

CVE-2026-40401

Windows TCP/IP Denial of Service Vulnerability

Exploitation Unlikely

No

7.1

CVE-2026-40413

Windows TCP/IP Denial of Service Vulnerability

Exploitation Less Likely

No

7.4

CVE-2026-35422

Windows TCP/IP Driver Security Feature Bypass Vulnerability

Exploitation Unlikely

No

6.5

CVE-2026-34351

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40399

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34334

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-40406

Windows TCP/IP Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-33837

Windows TCP/IP Local Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-40415

Windows TCP/IP Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.1

CVE-2026-42825

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-34338

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40382

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40380

Windows Volume Manager Extension Driver Remote Code Execution Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-40408

Windows WAN ARP Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34333

Windows Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34347

Windows Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-35417

Windows Win32k Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

Mariner vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-7598

libssh2 userauth.c userauth_password integer overflow

n/a

No

7.3

CVE-2026-43870

Apache Thrift: Node.js web_server.js multi-vulnerability

n/a

No

7.3

CVE-2026-43868

Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

n/a

No

5.3

CVE-2026-43869

Apache Thrift: TSSLTransportFactory.java hostname verification

n/a

No

7.3

Microsoft Dynamics vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33821

Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability

N/A

No

7.7

CVE-2026-40417

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-42898

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Exploitation Unlikely

No

9.9

CVE-2026-42833

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.1

CVE-2026-40374

Microsoft Power Automate Desktop Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

Open Source Software vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-31706

ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()

n/a

No

8.8

CVE-2026-31723

usb: gadget: f_subset: Fix net_device lifecycle with device_move

n/a

No

7.8

CVE-2026-31724

usb: gadget: f_eem: Fix net_device lifecycle with device_move

n/a

No

7.8

CVE-2026-43053

xfs: close crash window in attr dabtree inactivation

n/a

No

5.5

CVE-2026-43048

HID: core: Mitigate potential OOB by removing bogus memset()

n/a

No

8.8

CVE-2026-31777

ALSA: ctxfi: Check the error for index mapping

n/a

No

7.0

CVE-2026-31722

usb: gadget: f_rndis: Fix net_device lifecycle with device_move

n/a

No

7.8

CVE-2026-43036

net: use skb_header_pointer() for TCPv4 GSO frag_off check

n/a

No

5.5

CVE-2026-31769

gpib: fix use-after-free in IO ioctl handlers

n/a

No

CVE-2026-31707

ksmbd: validate response sizes in ipc_validate_msg()

n/a

No

7.1

CVE-2026-31725

usb: gadget: f_ecm: Fix net_device lifecycle with device_move

n/a

No

7.8

CVE-2026-43049

HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure

n/a

No

7.0

CVE-2026-43022

Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists

n/a

No

CVE-2026-43042

mpls: add seqcount to protect the platform_label{,s} pair

n/a

No

7.1

CVE-2026-31771

Bluetooth: hci_event: move wake reason storage into validated event handlers

n/a

No

8.1

CVE-2026-43052

wifi: mac80211: check tdls flag in ieee80211_tdls_oper

n/a

No

7.0

CVE-2026-31709

smb: client: validate the whole DACL before rewriting it in cifsacl

n/a

No

8.8

CVE-2026-43021

Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails

n/a

No

CVE-2026-31712

ksmbd: require minimum ACE size in smb_check_perm_dacl()

n/a

No

8.3

CVE-2026-43010

bpf: Reject sleepable kprobe_multi programs at attach time

n/a

No

5.5

CVE-2026-43019

Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync

n/a

No

7.8

CVE-2026-31729

usb: typec: ucsi: validate connector number in ucsi_notify_common()

n/a

No

7.0

CVE-2026-43045

mshv: Fix error handling in mshv_region_pin

n/a

No

CVE-2026-43009

bpf: Fix incorrect pruning due to atomic fetch precision tracking

n/a

No

7.8

CVE-2026-31715

f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()

n/a

No

5.5

CVE-2026-31697

crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed

n/a

No

7.1

CVE-2026-31721

usb: gadget: f_hid: move list and spinlock inits from bind to alloc

n/a

No

7.8

CVE-2026-31711

smb: server: fix active_num_conn leak on transport allocation failure

n/a

No

7.5

CVE-2026-31699

crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed

n/a

No

7.1

CVE-2026-31694

fuse: reject oversized dirents in page cache

n/a

No

7.8

CVE-2026-31705

ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment

n/a

No

9.8

CVE-2026-43033

crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption

n/a

No

7.8

CVE-2026-31696

rxrpc: Fix missing validation of ticket length in non-XDR key preparsing

n/a

No

5.5

CVE-2026-31698

crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed

n/a

No

7.1

CVE-2026-31704

ksmbd: use check_add_overflow() to prevent u16 DACL size overflow

n/a

No

7.5

CVE-2026-31702

f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()

n/a

No

7.8

CVE-2026-31708

smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path

n/a

No

8.1

CVE-2026-31700

net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()

n/a

No

7.8

CVE-2026-7598

libssh2 userauth.c userauth_password integer overflow

n/a

No

7.3

CVE-2026-43058

media: vidtv: fix pass-by-value structs causing MSAN warnings

n/a

No

7.1

CVE-2026-37457

n/a

No

7.5

CVE-2026-43964

n/a

No

3.7

CVE-2026-43037

ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

n/a

No

7.0

CVE-2026-33190

CoreDNS TSIG authentication bypass on encrypted DNS transports

n/a

No

CVE-2026-33489

CoreDNS transfer plugin subzone ACL bypass via lexicographic zone comparison

n/a

No

CVE-2026-32936

CoreDNS DoH GET path missing size validation causes CPU and memory amplification

n/a

No

CVE-2026-32934

CoreDNS DNS-over-QUIC unbounded goroutine growth leads to denial of service

n/a

No

CVE-2026-35579

CoreDNS TSIG authentication bypass on gRPC, QUIC, DoH, and DoH3 transports

n/a

No

CVE-2026-43073

x86-64: rename misleadingly named '__copy_user_nocache()' function

n/a

No

2.5

CVE-2026-42151

Prometheus Azure AD remote write OAuth client secret exposed via config API

n/a

No

7.5

CVE-2026-42154

Prometheus: remote read endpoint allows denial of service via crafted snappy payload

n/a

No

7.5

CVE-2026-43125

dlm: validate length in dlm_search_rsb_tree

n/a

No

7.8

CVE-2026-43248

vhost: move vdpa group bound check to vhost_vdpa

n/a

No

7.1

CVE-2026-43176

wifi: rtw89: pci: validate release report content before using for RTL8922DE

n/a

No

7.0

CVE-2026-43204

ASoC: qcom: q6asm: drop DSP responses for closed data streams

n/a

No

5.5

CVE-2026-43131

drm/amd/pm: Fix null pointer dereference issue

n/a

No

5.5

CVE-2026-43126

ALSA: mixer: oss: Add card disconnect checkpoints

n/a

No

5.5

CVE-2026-43127

ntfs3: fix circular locking dependency in run_unpack_ex

n/a

No

5.5

CVE-2026-43161

iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode

n/a

No

5.5

CVE-2026-43198

tcp: fix potential race in tcp_v6_syn_recv_sock()

n/a

No

4.8

CVE-2026-43245

ntfs: ->d_compare() must not block

n/a

No

7.1

CVE-2025-71290

misc: ti_fpc202: fix a potential memory leak in probe function

n/a

No

5.5

CVE-2026-43137

ASoC: SOF: Intel: hda: Fix NULL pointer dereference

n/a

No

5.5

CVE-2026-43115

srcu: Use irq_work to start GP in tiny SRCU

n/a

No

5.5

CVE-2026-43234

team: avoid NETDEV_CHANGEMTU event when unregistering slave

n/a

No

5.5

CVE-2025-71293

drm/amdgpu/ras: Move ras data alloc before bad page check

n/a

No

5.5

CVE-2026-43172

wifi: iwlwifi: fix 22000 series SMEM parsing

n/a

No

5.3

CVE-2025-71285

net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels

n/a

No

4.7

CVE-2026-43197

netconsole: avoid OOB reads, msg is not nul-terminated

n/a

No

5.5

CVE-2026-43185

ksmbd: fix signededness bug in smb_direct_prepare_negotiation()

n/a

No

5.5

CVE-2025-71273

wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band()

n/a

No

5.3

CVE-2026-43118

btrfs: fix zero size inode with non-zero size after log replay

n/a

No

3.3

CVE-2026-43109

x86: shadow stacks: proper error handling for mmap lock

n/a

No

7.1

CVE-2026-43153

xfs: remove xfs_attr_leaf_hasname

n/a

No

7.1

CVE-2026-43129

ima: verify the previous kernel's IMA buffer lies in addressable RAM

n/a

No

5.5

CVE-2026-43116

netfilter: ctnetlink: ensure safe access to master conntrack

n/a

No

7.1

CVE-2026-43274

mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()

n/a

No

7.1

CVE-2026-43244

kcm: fix zero-frag skb in frag_list on partial sendmsg error

n/a

No

5.5

CVE-2026-43191

drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35

n/a

No

5.5

CVE-2026-43258

alpha: fix user-space corruption during memory compaction

n/a

No

5.5

CVE-2025-71289

fs/ntfs3: handle attr_set_size() errors when truncating files

n/a

No

7.1

CVE-2026-43107

xfrm: account XFRMA_IF_ID in aevent size calculation

n/a

No

5.5

CVE-2026-43243

drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src

n/a

No

5.5

CVE-2025-71294

drm/amdgpu: fix NULL pointer issue buffer funcs

n/a

No

5.5

CVE-2026-43250

usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()

n/a

No

7.1

CVE-2026-43237

drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4

n/a

No

5.5

CVE-2026-43201

APEI/GHES: ARM processor Error: don't go past allocated memory

n/a

No

5.5

CVE-2026-43219

net: cpsw_new: Fix potential unregister of netdev that has not been registered yet

n/a

No

7.1

CVE-2026-43165

hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin

n/a

No

5.5

CVE-2026-43088

net: af_key: zero aligned sockaddr tail in PF_KEY exports

n/a

No

7.1

CVE-2026-43195

drm/amdgpu: validate user queue size constraints

n/a

No

7.1

CVE-2025-71272

most: core: fix resource leak in most_register_interface error paths

n/a

No

5.5

CVE-2026-43213

wifi: rtw89: pci: validate sequence number of TX release report

n/a

No

7.0

CVE-2026-43228

hfs: Replace BUG_ON with error handling for CNID count checks

n/a

No

7.1

CVE-2026-43216

net: Drop the lock in skb_may_tx_timestamp()

n/a

No

5.5

CVE-2026-43119

Bluetooth: hci_sync: annotate data-races around hdev->req_status

n/a

No

5.3

CVE-2026-43267

wifi: rtw89: fix potential zero beacon interval in beacon tracking

n/a

No

7.0

CVE-2026-43101

ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()

n/a

No

7.0

CVE-2026-43199

net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query

n/a

No

7.0

CVE-2026-43083

net: ioam6: fix OOB and missing lock

n/a

No

7.0

CVE-2026-43870

Apache Thrift: Node.js web_server.js multi-vulnerability

n/a

No

7.3

CVE-2026-43868

Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

n/a

No

5.3

CVE-2026-33523

Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line

n/a

No

6.5

CVE-2026-23918

Apache HTTP Server: http2: double free and possible RCE on early reset

n/a

No

8.8

CVE-2026-34059

Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data()

n/a

No

7.5

CVE-2026-34032

Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)

n/a

No

5.3

CVE-2026-24072

Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr

n/a

No

8.8

CVE-2026-33006

Apache HTTP Server: mod_auth_digest timing attack

n/a

No

4.8

CVE-2026-33007

Apache HTTP Server: mod_authn_socache crash

n/a

No

5.3

CVE-2026-29169

Apache HTTP Server: mod_dav_lock indirect lock crash

n/a

No

7.5

CVE-2026-29168

Apache HTTP Server: mod_md unrestricted OCSP response

n/a

No

7.3

CVE-2026-33857

Apache HTTP Server: Off-by-one OOB reads in AJP getter functions

n/a

No

5.3

CVE-2026-41672

xmldom: XML node injection through unvalidated comment serialization

n/a

No

CVE-2026-41674

xmldom: XML injection through unvalidated DocumentType serialization

n/a

No

CVE-2026-41675

xmldom: XML node injection through unvalidated processing instruction serialization

n/a

No

CVE-2026-41673

xmldom: Denial of service via uncontrolled recursion in XML serialization

n/a

No

CVE-2026-25243

redis-server RESTORE invalid memory access may allow remote code execution

n/a

No

CVE-2026-23631

redis-server Lua use-after-free may allow remote code execution

n/a

No

CVE-2026-31717

ksmbd: validate owner of durable handle on reconnect

n/a

No

8.8

CVE-2026-31718

ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger

n/a

No

9.8

CVE-2026-23479

redis-server use-after-free in unblock client flow may allow remote code execution

n/a

No

CVE-2026-25588

RedisTimeSeries RESTORE invalid memory access may allow remote code execution

n/a

No

CVE-2026-25589

RedisBloom RESTORE invalid memory access may allow remote code execution

n/a

No

CVE-2026-43474

fs: init flags_valid before calling vfs_fileattr_get

n/a

No

CVE-2026-43338

btrfs: reserve enough transaction items for qgroup ioctls

n/a

No

CVE-2025-71302

drm/panthor: fix for dma-fence safe access rules

n/a

No

CVE-2026-43318

drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify

n/a

No

7.1

CVE-2026-43309

md raid: fix hang when stopping arrays with metadata through dm-raid

n/a

No

5.5

CVE-2026-43416

powerpc, perf: Check that current->mm is alive before getting user callchain

n/a

No

CVE-2025-71299

spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing

n/a

No

5.5

CVE-2026-43284

xfrm: esp: avoid in-place decrypt on shared skb frags

n/a

No

7.8

CVE-2026-43352

i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue

n/a

No

5.5

CVE-2026-43300

drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()

n/a

No

5.5

CVE-2026-43331

x86/kexec: Disable KCOV instrumentation after load_segments()

n/a

No

CVE-2026-43320

drm/amd/display: Fix dsc eDP issue

n/a

No

CVE-2026-43306

bpf: crypto: Use the correct destructor kfunc type

n/a

No

7.0

CVE-2026-43443

ASoC: amd: acp-mach-common: Add missing error check for clock acquisition

n/a

No

CVE-2026-43317

most: core: fix leak on early registration failure

n/a

No

CVE-2026-43319

spi: spidev: fix lock inversion between spi_lock and buf_lock

n/a

No

CVE-2026-43303

mm/page_alloc: clear page->private in free_pages_prepare()

n/a

No

7.0

CVE-2026-43344

perf/x86/intel/uncore: Fix die ID init and look up bugs

n/a

No

CVE-2026-43321

bpf: Properly mark live registers for indirect jumps

n/a

No

7.8

CVE-2026-43456

bonding: fix type confusion in bond_setup_by_slave()

n/a

No

5.5

CVE-2026-43305

drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path

n/a

No

5.5

CVE-2026-43298

drm/amdgpu: Skip vcn poison irq release on VF

n/a

No

7.8

CVE-2026-43299

btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()

n/a

No

5.5

CVE-2026-43400

drm/amdgpu: add upper bound check on user inputs in signal ioctl

n/a

No

CVE-2026-43310

media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC

n/a

No

5.5

CVE-2026-43294

drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels

n/a

No

5.5

CVE-2026-43353

i3c: mipi-i3c-hci: Fix race in DMA ring dequeue

n/a

No

7.8

CVE-2026-43292

mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node

n/a

No

5.5

CVE-2026-43398

drm/amdgpu: add upper bound check on user inputs in wait ioctl

n/a

No

CVE-2026-43311

soc/tegra: pmc: Fix unsafe generic_handle_irq() call

n/a

No

5.5

CVE-2026-43421

usb: gadget: f_ncm: Fix net_device lifecycle with device_move

n/a

No

CVE-2026-43308

btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()

n/a

No

5.5

CVE-2026-37458

n/a

No

6.5

CVE-2026-37459

n/a

No

7.5

CVE-2026-33846

Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly

n/a

No

7.5

CVE-2026-6664

PgBouncer integer overflow in PgBouncer network packet parsing

n/a

No

7.5

CVE-2026-6665

PgBouncer buffer overflow in SCRAM

n/a

No

8.1

CVE-2026-6667

PgBouncer missing authorization check in KILL_CLIENT admin command

n/a

No

4.3

CVE-2026-6666

PgBouncer crash in kill_pool_logins_server_error

n/a

No

5.9

CVE-2026-45130

Vim: Heap Buffer Overflow in spell file loading

n/a

No

6.6

CVE-2026-44656

Vim: OS Command Injection via 'path' completion

n/a

No

CVE-2026-33811

Crash when handling long CNAME response in net

n/a

No

7.5

CVE-2026-33814

Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

n/a

No

7.5

CVE-2026-39817

Invoking "go tool pack" does not sanitize output paths in cmd/go

n/a

No

5.9

CVE-2026-39819

Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go

n/a

No

5.3

CVE-2026-39820

Quadratic string concatentation in consumeComment in net/mail

n/a

No

7.5

CVE-2026-39823

Bypass of meta content URL escaping causes XSS in html/template

n/a

No

6.1

CVE-2026-39825

ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil

n/a

No

5.3

CVE-2026-39826

Escaper bypass leads to XSS in html/template

n/a

No

6.1

CVE-2026-39836

Panic in Dial and LookupPort when handling NUL byte on Windows in net

n/a

No

7.5

CVE-2026-42499

Quadratic string concatenation in consumePhrase in net/mail

n/a

No

7.5

CVE-2026-42501

Malicious module proxy can bypass checksum database in cmd/go

n/a

No

7.5

CVE-2026-33079

Mistune ReDoS in LINK_TITLE_RE allows denial of service with crafted Markdown titles

n/a

No

CVE-2026-41889

pgx: SQL Injection via placeholder confusion with dollar quoted string literals

n/a

No

CVE-2026-42257

net-imap: Command Injection via "raw" arguments to multiple commands

n/a

No

CVE-2026-42258

net-imap: Command Injection via unvalidated Symbol inputs

n/a

No

CVE-2026-42256

net-imap: Denial of service via high iteration count for `SCRAM-*` authentication

n/a

No

CVE-2026-42246

net-imap vulnerable to STARTTLS stripping via invalid response timing

n/a

No

CVE-2026-45186

n/a

No

2.9

CVE-2026-7261

SoapServer session-persisted object use-after-free via SOAP header fault

n/a

No

CVE-2026-7258

Out-of-bounds read in urldecode() on NetBSD

n/a

No

CVE-2026-6722

Use-After-Free in SOAP using Apache map

n/a

No

CVE-2026-6735

XSS within PHP-FPM status endpoint

n/a

No

CVE-2026-7262

NULL pointer dereference in SOAP apache:Map decoder with missing <value>

n/a

No

CVE-2025-14179

SQL injection in pdo_firebird via NUL bytes in quoted strings

n/a

No

CVE-2026-7568

Signed integer overflow in metaphone()

n/a

No

CVE-2026-7259

Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

n/a

No

CVE-2026-43500

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

n/a

No

7.8

SQL Server vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-40370

SQL Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

Windows vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2025-54518

AMD: CVE-2025-54518 CPU OP Cache Corruption

Exploitation Unlikely

No

CVE-2026-41095

Data Deduplication Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-35424

Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-40377

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34329

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-41097

Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-33839

Win32k Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-33840

Win32k Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-34330

Win32k Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-34331

Win32k Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-35423

Windows 11 Telnet Client Information Disclosure Vulnerability

Exploitation Unlikely

No

5.4

CVE-2026-35438

Windows Admin Center Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.3

CVE-2026-34344

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34345

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-35416

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-41088

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-34343

Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-35418

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-33835

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-34337

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40407

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-40397

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-41096

Windows DNS Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

9.8

CVE-2026-42896

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-35419

Windows DWM Core Library Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-34336

Windows DWM Core Library Information Disclosure Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-33834

Windows Event Logging Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32209

Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability

Exploitation Unlikely

No

4.4

CVE-2026-35421

Windows GDI Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-40403

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-40402

Windows Hyper-V Elevation of Privilege Vulnerability

Exploitation Less Likely

No

9.3

CVE-2026-33841

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-35420

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40369

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-34332

Windows Kernel-Mode Driver Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.0

CVE-2026-34339

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-34341

Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33838

Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32161

Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-41089

Windows Netlogon Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-34342

Windows Print Spooler Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-34340

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-40398

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-21530

Windows Rich Text Edit Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-32170

Windows Rich Text Edit Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-40410

Windows SMB Client Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-35415

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34350

Windows Storport Miniport Driver Denial of Service Vulnerability

Exploitation Unlikely

No

6.5

CVE-2026-40405

Windows TCP/IP Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-40414

Windows TCP/IP Denial of Service Vulnerability

Exploitation Unlikely

No

7.4

CVE-2026-40401

Windows TCP/IP Denial of Service Vulnerability

Exploitation Unlikely

No

7.1

CVE-2026-40413

Windows TCP/IP Denial of Service Vulnerability

Exploitation Less Likely

No

7.4

CVE-2026-35422

Windows TCP/IP Driver Security Feature Bypass Vulnerability

Exploitation Unlikely

No

6.5

CVE-2026-34351

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40399

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34334

Windows TCP/IP Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-40406

Windows TCP/IP Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-33837

Windows TCP/IP Local Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-40415

Windows TCP/IP Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.1

CVE-2026-42825

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-34338

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40382

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-40380

Windows Volume Manager Extension Driver Remote Code Execution Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-40408

Windows WAN ARP Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34333

Windows Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-34347

Windows Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-35417

Windows Win32k Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

Critical RCEs and EoPs

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33109

Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability

N/A

No

9.9

CVE-2026-33844

Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability

N/A

No

9.0

CVE-2026-42823

Azure Logic Apps Elevation of Privilege Vulnerability

Exploitation Less Likely

No

9.9

CVE-2026-42898

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Exploitation Unlikely

No

9.9

CVE-2026-42833

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.1

CVE-2026-41103

Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability

Exploitation More Likely

No

9.1

CVE-2026-41096

Windows DNS Client Remote Code Execution Vulnerability

Exploitation Unlikely

No

9.8

CVE-2026-40402

Windows Hyper-V Elevation of Privilege Vulnerability

Exploitation Less Likely

No

9.3

CVE-2026-41089

Windows Netlogon Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

Patch Tuesday - April 2026

✇Rapid7 Cybersecurity Blog
By: Adam Barnett
14 April 2026 at 17:48

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are not included in the Patch Tuesday count above.

Increasing volumes of vulnerabilities

Regular Patch Tuesday watchers will know that these vulnerability totals are significantly higher than usual, especially the browser numbers. Late last week, Microsoft published patches to resolve more than 60 browser vulnerabilities in a single day, which is a new record in that very specific category.

A bar chart showing the number of Microsoft browser advisories per day from 2017 to 2026. A significant spike is visible in April 2026.

It might be tempting to imagine that this sudden spike was tied to the buzz around the announcement a week ago today of Project Glasswing, but this is not the case. Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday. This reflects a significant industry-wide uptick in the volume of vulnerability reports over the past few weeks. A safe conclusion is that this increase in volume is driven by ever-expanding AI capabilities. We should expect to see further increases in vulnerability reporting volume as the impact of AI models extend further, both in terms of capability and availability.

SharePoint: zero-day spoofing

When everything is changing rapidly, it can be tempting to look to familiar things for comfort. SharePoint admins should start by addressing CVE-2026-32201, an exploited-in-the-wild spoofing vulnerability. The advisory doesn’t offer much detail, but does mention CWE-20: Improper Input Validation and low impact to confidentiality and integrity, with no impact to availability. Of course, the greatest attacker impact is typically achieved by chaining together multiple vulnerabilities that by themselves might not seem so bad.

Ever-increasing novel AI capabilities in offensive cybersecurity now appear to provide real competition for all but the most elite human researchers; if it was ever valid to suppose that a vulnerability with a CVSS v3 base score of 6.5 was unlikely to cause much pain, it’s certainly not a safe defensive assumption in 2026. Patches are available for all supported versions of SharePoint, including SharePoint 2016, which moves beyond extended support on July 14, 2026.

Defender: zero-day elevation of privilege

Microsoft Defender receives a patch today for CVE-2026-33825, a local privilege escalation vulnerability for which Microsoft is aware of public disclosure. Successful exploitation leads to SYSTEM privileges, so this is certainly worth patching sooner rather than later. Microsoft points out that no action should be required to install this update, since the Microsoft Defender Antimalware Platform automatically updates by default. A further silver lining is that systems that have disabled Microsoft Defender are not in an exploitable state. Hopefully, any such system is running a suitable third-party replacement for Defender’s capabilities.

Windows [I don’t like] IKE: zero-day pre-auth RCE

The Windows Internet Key Exchange (IKE) Services Extensions is the site of CVE-2026-33824, a critical unauthenticated remote code execution vulnerability. Exploitation requires an attacker to send specially crafted packets to a Windows machine with IKE v2 enabled, which could enable remote code execution. Vulnerabilities leading to unauthenticated RCE against modern Windows assets are relatively rare, or we’d see more wormable vulnerabilities self-propagating across the internet. However, since IKE provides secure tunnel negotiation services, for instance for VPNs, it is necessarily exposed to untrusted networks and reachable in a pre-authorization context. It’s hard to imagine this turning into a rampaging internet-wide worm, but there’s plenty of scope for initial access abuse, so this IKE vulnerability is still yikes.

The advisory does contain a section with potential mitigations for anyone unable to patch immediately, which center on least-privilege restriction of relevant UDP traffic. This same portion of the advisory also furnishes a helpful link to the definition of the word “mitigations” in the MSDN glossary. All versions of Windows back as far as Server 2016 and Windows 10 1607 LTSC receive patches.

The advisory credits both the WARP and MORSE (Microsoft Offensive Research & Security Engineering) teams at Microsoft. MORSE appears in Acknowledgements over the past few years, but today marks the first explicit mention of WARP in a Microsoft security advisory Acknowledgements section; we can speculate that WARP is an internal designator for the Microsoft Windows Enterprise Security Team.

Microsoft lifecycle update

In Microsoft lifecycle news, extended support ends April 14, 2026 for a wide range of Microsoft product legacy enterprise tools, including Dynamics C5 2016, Dynamics NAV 2016, App-V 5.0 and App-V 5.1, UE-V 2.1, and BitLocker Administration and Monitoring 2.5 SP1. Microsoft .NET 9 STS (Standard Term Support, as distinct from Long Term Support) was originally scheduled to move past the end of support in May 2026, but late last year, Microsoft granted a six-month extension, so that .NET 9 STS now reaches end of support on November 10, 2026.

Summary charts

A bar chart showing vulnerability count by component for Microsoft Patch Tuesday 2026-Apr

A bar chart showing vulnerability count by impact for Microsoft Patch Tuesday 2026-Apr

A bar chart showing distribution of impact type by component for Microsoft Patch Tuesday 2026-Apr

Summary tables

Azure vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32171

Azure Logic Apps Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-32168

Azure Monitor Agent Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32192

Azure Monitor Agent Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32184

Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

Developer Tools vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32203

.NET and Visual Studio Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-26171

.NET Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-32226

.NET Framework Denial of Service Vulnerability

Exploitation Less Likely

No

5.9

CVE-2026-23666

.NET Framework Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-32178

.NET Spoofing Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-33116

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-23653

GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability

Exploitation Less Likely

No

5.7

CVE-2026-32631

GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes

Exploitation Less Likely

No

7.4

CVE-2026-21637

HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers

N/A

No

7.5

CVE-2026-26143

Microsoft PowerShell Security Feature Bypass Vulnerability

Exploitation Less Likely

No

7.8

ESU vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32072

Active Directory Spoofing Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-32181

Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-27924

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32154

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-27923

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32155

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32091

Microsoft Brokering File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-26152

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26155

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-27914

Microsoft Management Console Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-25250

MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix

Exploitation Less Likely

No

6.0

CVE-2026-32081

Package Catalog Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-26170

PowerShell Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26183

Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32157

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-26160

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26159

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26151

Remote Desktop Spoofing Vulnerability

Exploitation More Likely

No

7.1

CVE-2026-32085

Remote Procedure Call Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-0390

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation More Likely

No

6.7

CVE-2026-32212

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32214

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32079

Web Account Manager Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-33104

Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33826

Windows Active Directory Remote Code Execution Vulnerability

Exploitation More Likely

No

8.0

CVE-2026-26178

Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-32073

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26168

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26173

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26177

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26182

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-27922

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33099

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33100

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32088

Windows Biometric Service Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.1

CVE-2026-27913

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

No

7.7

CVE-2026-26175

Windows Boot Manager Security Feature Bypass Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-26176

Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27926

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32162

Windows COM Elevation of Privilege Vulnerability

Exploitation More Likely

No

8.4

CVE-2026-20806

Windows COM Server Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-32070

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-33098

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-26153

Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32087

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32093

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-32086

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32150

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-27931

Windows GDI Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-27930

Windows GDI Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-27906

Windows Hello Security Feature Bypass Vulnerability

Exploitation More Likely

No

4.4

CVE-2026-26156

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32149

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.3

CVE-2026-27910

Windows Installer Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33824

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-27912

Windows Kerberos Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.0

CVE-2026-26180

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26163

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32215

Windows Kernel Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32217

Windows Kernel Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32218

Windows Kernel Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-26169

Windows Kernel Memory Information Disclosure Vulnerability

Exploitation More Likely

No

6.1

CVE-2026-32071

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-27929

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-20930

Windows Management Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26162

Windows OLE Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32084

Windows Print Spooler Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-27927

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26184

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32069

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32074

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32078

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26167

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-32158

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32159

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32160

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-26172

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-20928

Windows Recovery Environment Security Feature Bypass Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-27909

Windows Search Service Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-26161

Windows Sensor Data Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26174

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26154

Windows Server Update Service (WSUS) Tampering Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-27918

Windows Shell Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32151

Windows Shell Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-32225

Windows Shell Security Feature Bypass Vulnerability

Exploitation More Likely

No

8.8

CVE-2026-32202

Windows Shell Spoofing Vulnerability

Exploitation More Likely

No

4.3

CVE-2026-32082

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32083

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32068

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-32183

Windows Snipping Tool Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33829

Windows Snipping Tool Spoofing Vulnerability

Exploitation Unlikely

No

4.3

CVE-2026-32089

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32090

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32153

Windows Speech Runtime Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33827

Windows TCP/IP Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-27908

Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-27921

Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-27915

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27919

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32075

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-27916

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27920

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32077

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27925

Windows UPnP Device Host Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-32156

Windows UPnP Device Host Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.4

CVE-2026-32165

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27911

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32163

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32164

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23670

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Exploitation Less Likely

No

5.7

CVE-2026-27917

Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

Microsoft Dynamics vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33103

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-26149

Microsoft Power Apps Security Feature Bypass

Exploitation Less Likely

No

9.0

Microsoft Office vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32188

Microsoft Excel Information Disclosure Vulnerability

Exploitation Less Likely

No

7.1

CVE-2026-32189

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32197

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32198

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32199

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32190

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-32200

Microsoft PowerPoint Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-20945

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-32201

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Detected

No

6.5

CVE-2026-33822

Microsoft Word Information Disclosure Vulnerability

Exploitation Less Likely

No

6.1

CVE-2026-33095

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23657

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33114

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-33115

Microsoft Word Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

Open Source Software vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-40386

n/a

No

4.0

CVE-2026-40385

n/a

No

4.0

CVE-2026-40393

n/a

No

8.1

CVE-2026-31416

netfilter: nfnetlink_log: account for netlink header size

n/a

No

8.1

CVE-2026-31423

net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()

n/a

No

5.5

CVE-2026-31424

netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP

n/a

No

5.5

CVE-2026-31417

net/x25: Fix overflow when accumulating packets

n/a

No

8.1

CVE-2026-31422

net/sched: cls_flow: fix NULL pointer dereference on shared blocks

n/a

No

5.5

CVE-2026-31414

netfilter: nf_conntrack_expect: use expect->helper

n/a

No

8.1

CVE-2026-31427

netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp

n/a

No

7.8

CVE-2026-31426

ACPI: EC: clean up handlers on probe failure in acpi_ec_setup()

n/a

No

5.5

CVE-2026-31419

net: bonding: fix use-after-free in bond_xmit_broadcast()

n/a

No

7.1

CVE-2026-31420

bridge: mrp: reject zero test interval to avoid OOM panic

n/a

No

5.5

CVE-2026-31421

net/sched: cls_fw: fix NULL pointer dereference on shared blocks

n/a

No

5.5

CVE-2026-31428

netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD

n/a

No

5.5

CVE-2026-31418

netfilter: ipset: drop logically empty buckets in mtype_del

n/a

No

8.1

SQL Server vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33120

Microsoft SQL Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-32167

SQL Server Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.7

CVE-2026-32176

SQL Server Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.7

System Center vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33825

Microsoft Defender Elevation of Privilege Vulnerability

Exploitation More Likely

Yes

7.8

Windows vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32072

Active Directory Spoofing Vulnerability

Exploitation Less Likely

No

6.2

CVE-2023-20585

AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-25184

Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32181

Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-27924

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32152

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-32154

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-27923

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32155

Desktop Window Manager Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33096

HTTP.sys Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-26181

Microsoft Brokering File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32219

Microsoft Brokering File System Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-32091

Microsoft Brokering File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-26152

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26155

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-27914

Microsoft Management Console Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-25250

MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix

Exploitation Less Likely

No

6.0

CVE-2026-32081

Package Catalog Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-26170

PowerShell Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26183

Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32157

Remote Desktop Client Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-26160

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26159

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26151

Remote Desktop Spoofing Vulnerability

Exploitation More Likely

No

7.1

CVE-2026-32085

Remote Procedure Call Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-0390

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation More Likely

No

6.7

CVE-2026-32220

UEFI Secure Boot Security Feature Bypass Vulnerability

Exploitation Less Likely

No

4.4

CVE-2026-32212

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32214

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32079

Web Account Manager Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-33104

Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33826

Windows Active Directory Remote Code Execution Vulnerability

Exploitation More Likely

No

8.0

CVE-2026-32196

Windows Admin Center Spoofing Vulnerability

Exploitation Less Likely

No

6.1

CVE-2026-26178

Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-32073

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26168

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26173

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26177

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26182

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-27922

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33099

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-33100

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32088

Windows Biometric Service Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.1

CVE-2026-27913

Windows BitLocker Security Feature Bypass Vulnerability

Exploitation More Likely

No

7.7

CVE-2026-26175

Windows Boot Manager Security Feature Bypass Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-26176

Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27926

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32162

Windows COM Elevation of Privilege Vulnerability

Exploitation More Likely

No

8.4

CVE-2026-20806

Windows COM Server Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-32070

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-33098

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-26153

Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32087

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32093

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-32086

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32150

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-27931

Windows GDI Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-27930

Windows GDI Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32221

Windows Graphics Component Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-27906

Windows Hello Security Feature Bypass Vulnerability

Exploitation More Likely

No

4.4

CVE-2026-27928

Windows Hello Security Feature Bypass Vulnerability

Exploitation Less Likely

No

8.7

CVE-2026-26156

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32149

Windows Hyper-V Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.3

CVE-2026-27910

Windows Installer Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33824

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

CVE-2026-27912

Windows Kerberos Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.0

CVE-2026-26179

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26180

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32195

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26163

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32215

Windows Kernel Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32217

Windows Kernel Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-32218

Windows Kernel Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-26169

Windows Kernel Memory Information Disclosure Vulnerability

Exploitation More Likely

No

6.1

CVE-2026-32071

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-27929

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-20930

Windows Management Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26162

Windows OLE Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33101

Windows Print Spooler Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32084

Windows Print Spooler Information Disclosure Vulnerability

Exploitation Unlikely

No

5.5

CVE-2026-27927

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26184

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32069

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32074

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32078

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26167

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-32158

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32159

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32160

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-26172

Windows Push Notifications Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-20928

Windows Recovery Environment Security Feature Bypass Vulnerability

Exploitation Less Likely

No

4.6

CVE-2026-32216

Windows Redirected Drive Buffering System Denial of Service Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-27909

Windows Search Service Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-26161

Windows Sensor Data Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26174

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32224

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-26154

Windows Server Update Service (WSUS) Tampering Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-26165

Windows Shell Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-26166

Windows Shell Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-27918

Windows Shell Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32151

Windows Shell Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-32225

Windows Shell Security Feature Bypass Vulnerability

Exploitation More Likely

No

8.8

CVE-2026-32202

Windows Shell Spoofing Vulnerability

Exploitation More Likely

No

4.3

CVE-2026-32082

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32083

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32068

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-32183

Windows Snipping Tool Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33829

Windows Snipping Tool Spoofing Vulnerability

Exploitation Unlikely

No

4.3

CVE-2026-32089

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32090

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32153

Windows Speech Runtime Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27907

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32076

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-33827

Windows TCP/IP Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-27908

Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-27921

Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-27915

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27919

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32075

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-27916

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27920

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-32077

Windows UPnP Device Host Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27925

Windows UPnP Device Host Information Disclosure Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-32156

Windows UPnP Device Host Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.4

CVE-2026-32223

Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

6.8

CVE-2026-32165

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-27911

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32163

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-32164

Windows User Interface Core Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23670

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Exploitation Less Likely

No

5.7

CVE-2026-32080

Windows WalletService Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-27917

Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-32222

Windows Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

Zero-Day Vulnerabilities: Known Exploited

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-32201

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Detected

No

6.5

Zero-Day Vulnerabilities: Publicly Disclosed (No known exploitation)

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33825

Microsoft Defender Elevation of Privilege Vulnerability

Exploitation More Likely

Yes

7.8

Critical RCEs and EoPs

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-33824

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

Exploitation Less Likely

No

9.8

Patch Tuesday - March 2026

✇Rapid7 Cybersecurity Blog
By: Adam Barnett
10 March 2026 at 16:30

Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence of exploitation in the wild for any (yet), so there are no Microsoft additions to CISA KEV today. Earlier in the month, Microsoft provided patches to address nine browser vulnerabilities, which are not included in the Patch Tuesday count above.

SQL Server: zero-day remote EoP

SQL Server often goes several months in a row without any mention on Patch Tuesday. Today, however, all versions from the latest and greatest SQL Server 2025 back as far as SQL Server 2016 SP3 receive patches for CVE-2026-21262, a SQL Server elevation of privilege vulnerability. This isn’t just any elevation of privilege vulnerability, either; the advisory notes that an authorized attacker can elevate privileges to sysadmin over a network. The CVSS v3 base score of 8.8 is just below the threshold for critical severity, since low-level privileges are required.

Microsoft is aware of public disclosure, so while they assess the likelihood of exploitation as less likely, it would be a courageous defender who shrugged and deferred the patches for this one. Most SQL Server admins and security teams concluded many years ago that exposing SQL Server directly to the internet was not a good idea. Then again, popular search engines for internet-connected devices describe tens of thousands of SQL Server instances, and they can’t all be honeypots.

What could an attacker do as SQL Server sysadmin? Beyond exfiltrating or interfering with the database itself, the obvious target is xp_cmdshell, which allows direct callouts to the underlying OS. The good news is that xp_cmdshell is disabled by default as far back as SQL Server 2005; the bad news is that anyone acting as SQL Server sysadmin can enable it in seconds. At that point, the attacker is acting with the full privileges of the security context under which SQL Server runs, which is ideally a purpose-built account designed with least privilege in mind. If you want to hear some hair-raising stories, you have only to ask any incident response veteran if they’ve ever seen it set up differently.

Anyone paying for Extended Security Updates (ESU) for SQL Server 2014 or SQL Server 2012 may be forgiven for wondering why there’s no security update for those venerable versions of the world’s most widely deployed closed-source database product. We can hope that the vulnerability described by CVE-2026-21262 was introduced in newer codebases only.

.NET: zero-day DoS

Attackers fond of low-effort denial of service attacks against .NET applications will be checking out CVE-2026-26127 today. Microsoft is aware of public disclosure. While the immediate impact of exploitation is likely contained to denial of service by triggering a crash, opportunities for other types of attacks might emerge during a service reboot. Alternatively, if a log forwarder or security agent is impacted, even for a brief period of time, an attacker might carry out an attack in that moment hoping to evade detection under cover of this artificial darkness. Even if a low-skilled attacker simply causes downtime, in some contexts that could be enough to cause an SLA breach or loss of revenue, or at the very least cause a bleary-eyed defender to get paged in the middle of the night.

Authenticator: QR code impersonation

Microsoft Authenticator mobile app users on both iOS and Android should update to the latest version to prevent exploitation of CVE-2026-26123, which involves a malicious app disguising itself as Microsoft Authenticator. Exploitation succeeds when the malicious app receives enough information to impersonate the user.

Authenticator-type apps are often installed on a personal device, but it's not unusual for them to provide multi-factor authentication (MFA) codes for production services in a bring-your-own-device context. This is as good a time as any for defenders to consider how well their mobile device management policy covers app choice enforcement and patching for MFA apps.

The CVSS v3 base score of 5.5 might appear unremarkable, and exploitation requires user interaction, since the user must install the malicious app in the first place. However, exploitation could begin via an attacker-controlled link, or even a malicious QR code that drives users to the malicious app, and a motivated attacker with a physical presence near the user base might well consider this option.

According to Khaled Mohamed, the researcher who discovered this vulnerability, the legitimate Microsoft Authenticator app did not previously register itself as the handler for deep links into its own custom URL scheme. A malicious app could exploit this gap by simply registering itself as the default handler. He further notes that in this scenario, a user of a mobile device with a malicious app installed only needs to click a generic “Open link” dialog, rather than expressly selecting the malicious app each time. This means that the Microsoft advisory is perhaps too optimistic about how much user interaction is required to trigger exploitation.

Microsoft ranks this vulnerability as important on their proprietary severity scale. The advisory also provides a brief peek behind the curtain, since the executive summary notes that “Cwe is not in rca”. The weakness listed on the advisory is CWE-939: Improper Authorization in Handler for Custom URL Scheme.

Microsoft lifecycle update

There are no significant Microsoft product lifecycle changes this month, unless you are responsible for a Microsoft SQL Server 2012 Parallel Data Warehouse instance, which moves beyond extended support as of March 31st. It would be wise not to count on a last-minute extension, since Microsoft has already granted a six month reprieve.

Summary charts

A bar chart showing vulnerability count by component for Microsoft Patch Tuesday 2026-Mar

A bar chart showing vulnerability count by impact for Microsoft Patch Tuesday 2026-Feb

A bar chart showing distribution of impact type by component for Microsoft Patch Tuesday 2026-Mar

Summary tables

Apps vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26123

Microsoft Authenticator Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

Azure vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26117

Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-23664

Azure IoT Explorer Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-23661

Azure IoT Explorer Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-23662

Azure IoT Explorer Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-26121

Azure IOT Explorer Spoofing Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-26118

Azure MCP Server Tools Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-26141

Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-23665

Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26148

Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability

Exploitation Unlikely

No

8.1

CVE-2026-23660

Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

Developer Tools vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26127

.NET Denial of Service Vulnerability

Exploitation Unlikely

Yes

7.5

CVE-2026-26131

.NET Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26130

ASP.NET Core Denial of Service Vulnerability

Exploitation Less Likely

No

7.5

ESU vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-25177

Active Directory Domain Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-23667

Broadcast DVR Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-25190

GDI Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25181

GDI+ Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-23674

MapUrlToZone Security Feature Bypass Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-25165

Performance Counters for Windows Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-24282

Push message Routing Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-24285

Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24291

Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-25186

Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-24293

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25176

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25178

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-25179

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-25171

Windows Authentication Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-23671

Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24292

Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-24295

Windows Device Association Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24296

Windows Device Association Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-25189

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25174

Windows Extensible File Allocation Table Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25168

Windows Graphics Component Denial of Service Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-25169

Windows Graphics Component Denial of Service Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-23668

Windows Graphics Component Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-25180

Windows Graphics Component Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-24297

Windows Kerberos Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-24287

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-24289

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-26132

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-24288

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Exploitation Less Likely

No

6.8

CVE-2026-25175

Windows NTFS Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23669

Windows Print Spooler Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-24290

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23673

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25172

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-25173

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.0

CVE-2026-26111

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-25185

Windows Shell Link Processing Spoofing Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-24294

Windows SMB Server Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-26128

Windows SMB Server Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25166

Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25188

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-23672

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25187

Winlogon Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

Microsoft Office vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26144

Microsoft Excel Information Disclosure Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-26112

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26107

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26108

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26109

Microsoft Excel Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.4

CVE-2026-26134

Microsoft Office Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-26113

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-26110

Microsoft Office Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.4

CVE-2026-26114

Microsoft SharePoint Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-26106

Microsoft SharePoint Server Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-26105

Microsoft SharePoint Server Spoofing Vulnerability

Exploitation Less Likely

No

8.1

CVE-2026-24285

Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-25180

Windows Graphics Component Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

Open Source Software vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26030

GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable

Exploitation Unlikely

No

9.9

CVE-2026-23654

GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability

Exploitation Unlikely

No

8.8

SQL Server vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-21262

SQL Server Elevation of Privilege Vulnerability

Exploitation Less Likely

Yes

8.8

CVE-2026-26115

SQL Server Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-26116

SQL Server Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

System Center vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-20967

System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

Windows vulnerabilities

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-25177

Active Directory Domain Services Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-23667

Broadcast DVR Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-25190

GDI Remote Code Execution Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25181

GDI+ Information Disclosure Vulnerability

Exploitation Less Likely

No

7.5

CVE-2026-23674

MapUrlToZone Security Feature Bypass Vulnerability

Exploitation Unlikely

No

7.5

CVE-2026-25167

Microsoft Brokering File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.4

CVE-2026-24283

Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-25165

Performance Counters for Windows Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-24282

Push message Routing Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-24285

Win32k Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24291

Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-25186

Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-24293

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25176

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25178

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-25179

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-23656

Windows App Installer Spoofing Vulnerability

Exploitation Unlikely

No

CVE-2026-25171

Windows Authentication Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-23671

Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24292

Windows Connected Devices Platform Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-24295

Windows Device Association Service Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24296

Windows Device Association Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.0

CVE-2026-25189

Windows DWM Core Library Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25174

Windows Extensible File Allocation Table Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25168

Windows Graphics Component Denial of Service Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-25169

Windows Graphics Component Denial of Service Vulnerability

Exploitation Less Likely

No

6.2

CVE-2026-23668

Windows Graphics Component Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.0

CVE-2026-25180

Windows Graphics Component Information Disclosure Vulnerability

Exploitation Less Likely

No

5.5

CVE-2026-25170

Windows Hyper-V Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.0

CVE-2026-24297

Windows Kerberos Security Feature Bypass Vulnerability

Exploitation Less Likely

No

6.5

CVE-2026-24287

Windows Kernel Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-24289

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-26132

Windows Kernel Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-24288

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Exploitation Less Likely

No

6.8

CVE-2026-25175

Windows NTFS Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23669

Windows Print Spooler Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-24290

Windows Projected File System Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-23673

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25172

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-25173

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.0

CVE-2026-26111

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Exploitation Less Likely

No

8.8

CVE-2026-25185

Windows Shell Link Processing Spoofing Vulnerability

Exploitation Less Likely

No

5.3

CVE-2026-24294

Windows SMB Server Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

CVE-2026-26128

Windows SMB Server Elevation of Privilege Vulnerability

Exploitation Less Likely

No

7.8

CVE-2026-25166

Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25188

Windows Telephony Service Elevation of Privilege Vulnerability

Exploitation Unlikely

No

8.8

CVE-2026-23672

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

Exploitation Unlikely

No

7.8

CVE-2026-25187

Winlogon Elevation of Privilege Vulnerability

Exploitation More Likely

No

7.8

Zero-Day Vulnerabilities: Publicly Disclosed (No known exploitation)

CVE

Title

Exploitation status

Publicly disclosed?

CVSS v3 base score

CVE-2026-26127

.NET Denial of Service Vulnerability

Exploitation Unlikely

Yes

7.5

CVE-2026-21262

SQL Server Elevation of Privilege Vulnerability

Exploitation Less Likely

Yes

8.8

Update history

  • 2026-03-16: updated section on CVE-2026-26123 to include researcher commentary.

❌
❌