threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft windows 11 26h1
Product
microsoft windows 11 26h1
213 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-42896
< 10.0.28000.2113
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-42825
< 10.0.28000.2113
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-41097
< 10.0.28000.2113
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature l
6.7
MEDIUM
CVE-2026-41096
< 10.0.28000.2113
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
9.8
CRITICAL
CVE-2026-41088
< 10.0.28000.2113
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize
7.8
HIGH
CVE-2026-40415
< 10.0.28000.2113
Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
8.1
HIGH
CVE-2026-40414
< 10.0.28000.2113
Windows TCP/IP Denial of Service Vulnerability
7.4
HIGH
CVE-2026-40413
< 10.0.28000.2113
Windows TCP/IP Denial of Service Vulnerability
7.4
HIGH
CVE-2026-40410
< 10.0.28000.2113
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-40408
< 10.0.28000.2113
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-40407
< 10.0.28000.2113
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-40406
< 10.0.28000.2113
Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.
7.5
HIGH
CVE-2026-40405
< 10.0.28000.2113
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.
7.5
HIGH
CVE-2026-40403
< 10.0.28000.2113
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
8.8
HIGH
CVE-2026-40401
< 10.0.28000.2113
Windows TCP/IP Denial of Service Vulnerability
7.1
HIGH
CVE-2026-40399
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized
7.8
HIGH
CVE-2026-40398
< 10.0.28000.2113
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-40397
< 10.0.28000.2113
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-40382
< 10.0.28000.2113
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-40380
< 10.0.28000.2113
Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack
6.2
MEDIUM
CVE-2026-40377
< 10.0.28000.2113
Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-40369
< 10.0.28000.2113
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-35424
< 10.0.28000.2113
Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker
7.5
HIGH
CVE-2026-35423
< 10.0.28000.2113
Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.
5.4
MEDIUM
CVE-2026-35422
< 10.0.28000.2113
Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feat
6.5
MEDIUM
CVE-2026-35421
< 10.0.28000.2113
Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-35419
< 10.0.28000.2113
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-35418
< 10.0.28000.2113
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-35417
< 10.0.28000.2113
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-35416
< 10.0.28000.2113
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize
7.0
HIGH
CVE-2026-35415
< 10.0.28000.2113
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-34351
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized
7.8
HIGH
CVE-2026-34347
< 10.0.28000.2113
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-34345
< 10.0.28000.2113
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize
7.0
HIGH
CVE-2026-34344
< 10.0.28000.2113
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorize
7.8
HIGH
CVE-2026-34343
< 10.0.28000.2113
Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges l
7.8
HIGH
CVE-2026-34342
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components al
7.0
HIGH
CVE-2026-34341
< 10.0.28000.2113
Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-34340
< 10.0.28000.2113
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-34339
< 10.0.28000.2113
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service loc
5.5
MEDIUM
CVE-2026-34338
< 10.0.28000.2113
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-34337
< 10.0.28000.2113
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-34336
< 10.0.28000.2113
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-34334
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized
7.8
HIGH
CVE-2026-34333
< 10.0.28000.2113
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-34331
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.0
HIGH
CVE-2026-34330
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.8
HIGH
CVE-2026-34329
< 10.0.28000.2113
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.
8.8
HIGH
CVE-2026-33841
< 10.0.28000.2113
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-33840
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.8
HIGH
CVE-2026-33839
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.0
HIGH
CVE-2026-33838
< 10.0.28000.2113
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-33837
< 10.0.28000.2113
Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-33835
< 10.0.28000.2113
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-33834
< 10.0.28000.2113
Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32209
< 10.0.28000.2113
Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.
4.4
MEDIUM
CVE-2026-32170
< 10.0.28000.2113
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.
6.7
MEDIUM
CVE-2026-32161
< 10.0.28000.2113
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver
7.5
HIGH
CVE-2026-21530
< 10.0.28000.2113
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.
6.7
MEDIUM
CVE-2026-33829
< 10.0.28000.1836
Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spo
4.3
MEDIUM
CVE-2026-33827
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthoriz
8.1
HIGH
CVE-2026-33824
< 10.0.28000.1836
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
9.8
CRITICAL
CVE-2026-33104
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an aut
7.0
HIGH
CVE-2026-33101
< 10.0.28000.1836
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-33100
< 10.0.28000.1836
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-33098
< 10.0.28000.1836
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-33096
< 10.0.28000.1836
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
7.5
HIGH
CVE-2026-32225
< 10.0.28000.1836
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
8.8
HIGH
CVE-2026-32224
< 10.0.28000.1836
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32223
< 10.0.28000.1836
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attac
6.8
MEDIUM
CVE-2026-32222
< 10.0.28000.1836
Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32221
< 10.0.28000.1836
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.
8.4
HIGH
CVE-2026-32220
< 10.0.28000.1836
Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security
4.4
MEDIUM
CVE-2026-32219
< 10.0.28000.1836
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32218
< 10.0.28000.1836
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-32217
< 10.0.28000.1836
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-32216
< 10.0.28000.1836
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.
5.5
MEDIUM
CVE-2026-32215
< 10.0.28000.1836
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-32214
< 10.0.28000.1836
Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-32212
< 10.0.28000.1836
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker
5.5
MEDIUM
CVE-2026-32202
< 10.0.28000.1836
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
4.3
MEDIUM
CVE-2026-32195
< 10.0.28000.1836
Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32183
< 10.0.28000.1836
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorize
7.8
HIGH
CVE-2026-32181
< 10.0.28000.1836
Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
5.5
MEDIUM
CVE-2026-32165
< 10.0.28000.1836
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32164
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows
7.8
HIGH
CVE-2026-32163
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows
7.8
HIGH
CVE-2026-32162
< 10.0.28000.1836
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges loc
8.4
HIGH
CVE-2026-32160
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows a
7.8
HIGH
CVE-2026-32159
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows a
7.8
HIGH
CVE-2026-32158
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows a
7.8
HIGH
CVE-2026-32157
< 10.0.28000.1836
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
8.8
HIGH
CVE-2026-32156
< 10.0.28000.1836
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
7.4
HIGH
CVE-2026-32153
< 10.0.28000.1836
Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32151
< 10.0.28000.1836
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information
6.5
MEDIUM
CVE-2026-32150
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.d
7.0
HIGH
CVE-2026-32149
< 10.0.28000.1836
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
7.3
HIGH
CVE-2026-32093
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.d
7.0
HIGH
CVE-2026-32091
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System all
8.4
HIGH
CVE-2026-32090
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows
7.8
HIGH
CVE-2026-32089
< 10.0.28000.1836
Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32088
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an
6.1
MEDIUM
CVE-2026-32087
< 10.0.28000.1836
Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32086
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.d
7.0
HIGH
CVE-2026-32085
< 10.0.28000.1836
Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to discl
5.5
MEDIUM
CVE-2026-32084
< 10.0.28000.1836
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose info
5.5
MEDIUM
CVE-2026-32083
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth
7.0
HIGH
CVE-2026-32082
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth
7.0
HIGH
CVE-2026-32081
< 10.0.28000.1836
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose info
5.5
MEDIUM
CVE-2026-32079
< 10.0.28000.1836
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose info
5.5
MEDIUM
CVE-2026-32078
< 10.0.28000.1836
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32077
< 10.0.28000.1836
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privi
7.8
HIGH
CVE-2026-32076
< 10.0.28000.1836
Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32075
< 10.0.28000.1836
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32074
< 10.0.28000.1836
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32073
< 10.0.28000.1836
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32072
< 10.0.28000.1836
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
6.2
MEDIUM
CVE-2026-32071
< 10.0.28000.1836
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny ser
7.5
HIGH
CVE-2026-32070
< 10.0.28000.1836
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-32069
< 10.0.28000.1836
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-32068
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an auth
7.0
HIGH
CVE-2026-27931
< 10.0.28000.1836
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-27930
< 10.0.28000.1836
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-27929
< 10.0.28000.1836
Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-27927
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allow
7.8
HIGH
CVE-2026-27926
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Dri
7.0
HIGH
CVE-2026-27925
< 10.0.28000.1836
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over
6.5
MEDIUM
CVE-2026-27923
< 10.0.28000.1836
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-27922
< 10.0.28000.1836
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-27921
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized
7.0
HIGH
CVE-2026-27920
< 10.0.28000.1836
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privi
7.8
HIGH
CVE-2026-27919
< 10.0.28000.1836
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privi
7.8
HIGH
CVE-2026-27918
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized
7.8
HIGH
CVE-2026-27917
< 10.0.28000.1836
Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges loc
7.0
HIGH
CVE-2026-27916
< 10.0.28000.1836
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-27915
< 10.0.28000.1836
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-27914
< 10.0.28000.1836
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-27911
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows
7.8
HIGH
CVE-2026-27910
< 10.0.28000.1836
Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileg
7.8
HIGH
CVE-2026-27909
< 10.0.28000.1836
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-27908
< 10.0.28000.1836
Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-27907
< 10.0.28000.1836
Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges lo
7.8
HIGH
CVE-2026-27906
< 10.0.28000.1836
Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.
4.4
MEDIUM
CVE-2026-26184
< 10.0.28000.1836
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26182
< 10.0.28000.1836
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-26181
< 10.0.28000.1836
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26180
< 10.0.28000.1836
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26179
< 10.0.28000.1836
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26177
< 10.0.28000.1836
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-26176
< 10.0.28000.1836
Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges loc
7.8
HIGH
CVE-2026-26175
< 10.0.28000.1836
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical
4.6
MEDIUM
CVE-2026-26174
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allow
7.0
HIGH
CVE-2026-26173
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f
7.0
HIGH
CVE-2026-26172
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows a
7.8
HIGH
CVE-2026-26170
< 10.0.28000.1836
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26169
< 10.0.28000.1836
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.
6.1
MEDIUM
CVE-2026-26168
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver f
7.8
HIGH
CVE-2026-26167
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows a
8.8
HIGH
CVE-2026-26166
< 10.0.28000.1836
Double free in Windows Shell allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-26165
< 10.0.28000.1836
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-26163
< 10.0.28000.1836
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26162
< 10.0.28000.1836
Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges l
7.8
HIGH
CVE-2026-26161
< 10.0.28000.1836
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26160
< 10.0.28000.1836
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate
7.8
HIGH
CVE-2026-26159
< 10.0.28000.1836
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate
7.8
HIGH
CVE-2026-26156
< 10.0.28000.1836
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-26155
< 10.0.28000.1836
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
6.5
MEDIUM
CVE-2026-26153
< 10.0.28000.1836
Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26152
< 10.0.28000.1836
Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges lo
7.0
HIGH
CVE-2026-26151
< 10.0.28000.1836
Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over
7.1
HIGH
CVE-2026-25184
< 10.0.28000.1836
Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerf
7.0
HIGH
CVE-2026-23670
< 10.0.28000.1836
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a sec
5.7
MEDIUM
CVE-2026-20928
< 10.0.28000.1836
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized
4.6
MEDIUM
CVE-2026-20806
< 10.0.28000.1836
Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information
5.5
MEDIUM
CVE-2026-26132
< 10.0.28000.1719
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-26128
< 10.0.28000.1719
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-25190
< 10.0.28000.1719
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
7.8
HIGH
CVE-2026-25188
< 10.0.28000.1719
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent net
8.8
HIGH
CVE-2026-25187
< 10.0.28000.1719
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges loc
7.8
HIGH
CVE-2026-25186
< 10.0.28000.1719
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an author
5.5
MEDIUM
CVE-2026-25185
< 10.0.28000.1719
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to per
5.3
MEDIUM
CVE-2026-25181
< 10.0.28000.1719
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
7.5
HIGH
CVE-2026-25180
< 10.0.28000.1719
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-25179
< 10.0.28000.1719
Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to e
7.0
HIGH
CVE-2026-25178
< 10.0.28000.1719
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-25177
< 10.0.28000.1719
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to e
8.8
HIGH
CVE-2026-25176
< 10.0.28000.1719
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges local
7.8
HIGH
CVE-2026-25174
< 10.0.28000.1719
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-25173
< 10.0.28000.1719
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code o
8.0
HIGH
CVE-2026-25171
< 10.0.28000.1719
Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-25170
< 10.0.28000.1719
Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
7.0
HIGH
CVE-2026-25169
< 10.0.28000.1719
Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
6.2
MEDIUM
CVE-2026-25168
< 10.0.28000.1719
Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
6.2
MEDIUM
CVE-2026-25167
< 10.0.28000.1719
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
7.4
HIGH
CVE-2026-25166
< 10.0.28000.1719
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.
7.8
HIGH
CVE-2026-25165
< 10.0.28000.1719
Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-24296
< 10.0.28000.1719
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service
7.0
HIGH
CVE-2026-24295
< 10.0.28000.1719
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service
7.0
HIGH
CVE-2026-24294
< 10.0.28000.1719
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-24293
< 10.0.28000.1719
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges loca
7.8
HIGH
CVE-2026-24292
< 10.0.28000.1719
Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-24291
< 10.0.28000.1719
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized
7.8
HIGH
CVE-2026-24290
< 10.0.28000.1719
Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-24289
< 10.0.28000.1719
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-24287
< 10.0.28000.1719
External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-24283
< 10.0.28000.1719
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally.
8.8
HIGH
CVE-2026-24282
< 10.0.28000.1719
Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally.
5.5
MEDIUM
CVE-2026-23674
< 10.0.28000.1719
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over
7.5
HIGH
CVE-2026-23673
< 10.0.28000.1719
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
7.8
HIGH
CVE-2026-23672
< 10.0.28000.1719
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2026-23671
< 10.0.28000.1719
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Dr
7.0
HIGH
CVE-2026-23669
< 10.0.28000.1719
Use after free in RPC Runtime allows an authorized attacker to execute code over a network.
8.8
HIGH
CVE-2026-23667
< 10.0.28000.1719
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
7.0
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin