April 2026 Security Updates Security Update secure@microsoft.com The Microsoft Security Response Center (MSRC) identifies, monitors, resolves, and responds to security incidents and Microsoft software security vulnerabilities. For more information, see http://www.microsoft.com/security/msrc. 2026-Apr 2026-Apr Final 1.0 1657 2026-05-31T01:04:27 April 2026 Security Updates 2026-04-14T07:00:00 2026-05-31T01:04:27 <h2 id="this-release-consists-of-the-following-173-microsoft-cves">This release consists of the following 173 Microsoft CVEs:</h2> <table> <thead> <tr> <th>Tag</th> <th>CVE</th> <th>Base Score</th> <th>CVSS Vector</th> <th>Exploitability</th> <th>FAQs?</th> <th>Workarounds?</th> <th>Mitigations?</th> </tr> </thead> <tbody> <tr> <td>Windows Boot Loader</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-0390">CVE-2026-0390</a></td> <td>6.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows COM</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20806">CVE-2026-20806</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Recovery Environment Agent</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20928">CVE-2026-20928</a></td> <td>4.6</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Management Services</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20930">CVE-2026-20930</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office SharePoint</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20945">CVE-2026-20945</a></td> <td>4.6</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure IOT Central</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-21515">CVE-2026-21515</a></td> <td>9.9</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>GitHub Copilot and Visual Studio Code</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23653">CVE-2026-23653</a></td> <td>5.7</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23657">CVE-2026-23657</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET Framework</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23666">CVE-2026-23666</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Virtualization-Based Security (VBS) Enclave</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23670">CVE-2026-23670</a></td> <td>5.7</td> <td>CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Partner Center</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-24303">CVE-2026-24303</a></td> <td>9.6</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Applocker Filter Driver (applockerfltr.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-25184">CVE-2026-25184</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft PowerShell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26143">CVE-2026-26143</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Power Apps</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26149">CVE-2026-26149</a></td> <td>9.0</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Purview</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26150">CVE-2026-26150</a></td> <td>8.1</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Desktop</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26151">CVE-2026-26151</a></td> <td>7.1</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Cryptographic Services</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26152">CVE-2026-26152</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Encrypting File System (EFS)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26153">CVE-2026-26153</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Server Update Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26154">CVE-2026-26154</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Local Security Authority Subsystem Service (LSASS)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26155">CVE-2026-26155</a></td> <td>6.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Role: Windows Hyper-V</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26156">CVE-2026-26156</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Desktop Licensing Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26159">CVE-2026-26159</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Desktop Licensing Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26160">CVE-2026-26160</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Sensor Data Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26161">CVE-2026-26161</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows OLE</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26162">CVE-2026-26162</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26163">CVE-2026-26163</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26165">CVE-2026-26165</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26166">CVE-2026-26166</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26167">CVE-2026-26167</a></td> <td>8.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26168">CVE-2026-26168</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel Memory</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26169">CVE-2026-26169</a></td> <td>6.1</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft PowerShell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26170">CVE-2026-26170</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26171">CVE-2026-26171</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26172">CVE-2026-26172</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26173">CVE-2026-26173</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Server Update Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26174">CVE-2026-26174</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Boot Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26175">CVE-2026-26175</a></td> <td>4.6</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Client Side Caching driver (csc.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26176">CVE-2026-26176</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26177">CVE-2026-26177</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Advanced Rasterization Platform</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26178">CVE-2026-26178</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26179">CVE-2026-26179</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26180">CVE-2026-26180</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Brokering File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26181">CVE-2026-26181</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26182">CVE-2026-26182</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows RPC API</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26183">CVE-2026-26183</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26184">CVE-2026-26184</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Hello</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27906">CVE-2026-27906</a></td> <td>4.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Storage Spaces Controller</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27907">CVE-2026-27907</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows TDI Translation Driver (tdx.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27908">CVE-2026-27908</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Windows Search Component</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27909">CVE-2026-27909</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Installer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27910">CVE-2026-27910</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27911">CVE-2026-27911</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kerberos</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27912">CVE-2026-27912</a></td> <td>8.0</td> <td>CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows BitLocker</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27913">CVE-2026-27913</a></td> <td>7.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Management Console</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27914">CVE-2026-27914</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27915">CVE-2026-27915</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27916">CVE-2026-27916</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27917">CVE-2026-27917</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27918">CVE-2026-27918</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27919">CVE-2026-27919</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27920">CVE-2026-27920</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows TCP/IP</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27921">CVE-2026-27921</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27922">CVE-2026-27922</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27923">CVE-2026-27923</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27924">CVE-2026-27924</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27925">CVE-2026-27925</a></td> <td>6.5</td> <td>CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Cloud Files Mini Filter Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27926">CVE-2026-27926</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27927">CVE-2026-27927</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Hello</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27928">CVE-2026-27928</a></td> <td>8.7</td> <td>CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows LUAFV</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27929">CVE-2026-27929</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows GDI</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27930">CVE-2026-27930</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows GDI</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27931">CVE-2026-27931</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows SSDP Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32068">CVE-2026-32068</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32069">CVE-2026-32069</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Common Log File System Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32070">CVE-2026-32070</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Local Security Authority Subsystem Service (LSASS)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32071">CVE-2026-32071</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Active Directory</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32072">CVE-2026-32072</a></td> <td>6.2</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32073">CVE-2026-32073</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32074">CVE-2026-32074</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32075">CVE-2026-32075</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Storage Spaces Controller</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32076">CVE-2026-32076</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32077">CVE-2026-32077</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32078">CVE-2026-32078</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows File Explorer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32079">CVE-2026-32079</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows WalletService</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32080">CVE-2026-32080</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows File Explorer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32081">CVE-2026-32081</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows SSDP Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32082">CVE-2026-32082</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows SSDP Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32083">CVE-2026-32083</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows File Explorer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32084">CVE-2026-32084</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Procedure Call</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32085">CVE-2026-32085</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32086">CVE-2026-32086</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32087">CVE-2026-32087</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Biometric Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32088">CVE-2026-32088</a></td> <td>6.1</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Speech Brokered Api</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32089">CVE-2026-32089</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Speech Brokered Api</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32090">CVE-2026-32090</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Brokering File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32091">CVE-2026-32091</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32093">CVE-2026-32093</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Role: Windows Hyper-V</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32149">CVE-2026-32149</a></td> <td>7.3</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32150">CVE-2026-32150</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32151">CVE-2026-32151</a></td> <td>6.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32152">CVE-2026-32152</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Windows Speech</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32153">CVE-2026-32153</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32154">CVE-2026-32154</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32155">CVE-2026-32155</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32156">CVE-2026-32156</a></td> <td>7.4</td> <td>CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Remote Desktop Client</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32157">CVE-2026-32157</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32158">CVE-2026-32158</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32159">CVE-2026-32159</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32160">CVE-2026-32160</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows COM</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32162">CVE-2026-32162</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32163">CVE-2026-32163</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32164">CVE-2026-32164</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32165">CVE-2026-32165</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>SQL Server</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32167">CVE-2026-32167</a></td> <td>6.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure Monitor Agent</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32168">CVE-2026-32168</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure Logic Apps</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32171">CVE-2026-32171</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>SQL Server</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32176">CVE-2026-32176</a></td> <td>6.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32178">CVE-2026-32178</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Windows</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32181">CVE-2026-32181</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Snipping Tool</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32183">CVE-2026-32183</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft High Performance Compute Pack (HPC)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32184">CVE-2026-32184</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32188">CVE-2026-32188</a></td> <td>7.1</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32189">CVE-2026-32189</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32190">CVE-2026-32190</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure Monitor Agent</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32192">CVE-2026-32192</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32195">CVE-2026-32195</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Admin Center</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32196">CVE-2026-32196</a></td> <td>6.1</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32197">CVE-2026-32197</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32198">CVE-2026-32198</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32199">CVE-2026-32199</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office PowerPoint</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32200">CVE-2026-32200</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office SharePoint</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32201">CVE-2026-32201</a></td> <td>6.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C</td> <td>Exploitation Detected</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202">CVE-2026-32202</a></td> <td>4.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET and Visual Studio</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32203">CVE-2026-32203</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Dynamics 365 (Online)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32210">CVE-2026-32210</a></td> <td>9.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Universal Plug and Play (upnp.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32212">CVE-2026-32212</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Universal Plug and Play (upnp.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32214">CVE-2026-32214</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32215">CVE-2026-32215</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Redirected Drive Buffering</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32216">CVE-2026-32216</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32217">CVE-2026-32217</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32218">CVE-2026-32218</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Brokering File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32219">CVE-2026-32219</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Virtualization-Based Security (VBS) Enclave</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32220">CVE-2026-32220</a></td> <td>4.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Graphics Component</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32221">CVE-2026-32221</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Win32K - ICOMP</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32222">CVE-2026-32222</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows USB Print Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32223">CVE-2026-32223</a></td> <td>6.8</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Server Update Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32224">CVE-2026-32224</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32225">CVE-2026-32225</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET Framework</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32226">CVE-2026-32226</a></td> <td>5.9</td> <td>CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33095">CVE-2026-33095</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows HTTP.sys</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33096">CVE-2026-33096</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td><strong>Yes</strong></td> </tr> <tr> <td>Windows Container Isolation FS Filter Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33098">CVE-2026-33098</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33099">CVE-2026-33099</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33100">CVE-2026-33100</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Print Spooler Components</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33101">CVE-2026-33101</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>M365 Copilot</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33102">CVE-2026-33102</a></td> <td>9.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Dynamics 365 (on-premises)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33103">CVE-2026-33103</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Win32K - GRFX</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33104">CVE-2026-33104</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33114">CVE-2026-33114</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33115">CVE-2026-33115</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET, .NET Framework, Visual Studio</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33116">CVE-2026-33116</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33118">CVE-2026-33118</a></td> <td>4.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33119">CVE-2026-33119</a></td> <td>5.4</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>SQL Server</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33120">CVE-2026-33120</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Bing</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33819">CVE-2026-33819</a></td> <td>10.0</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> </tbody> </table> <p>| Microsoft Office Word | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33822">CVE-2026-33822</a> | 6.1 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C | Exploitation Less Likely | <strong>Yes</strong> | No | No | | Windows IKE Extension | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33824">CVE-2026-33824</a> | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Exploitation Less Likely | <strong>Yes</strong> | No | <strong>Yes</strong> | | Microsoft Defender | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33825">CVE-2026-33825</a> | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C | Exploitation More Likely | <strong>Yes</strong> | No | No | | Windows Active Directory | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33826">CVE-2026-33826</a> | 8.0 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Exploitation More Likely | <strong>Yes</strong> | No | No | | Windows TCP/IP | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33827">CVE-2026-33827</a> | 8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | Exploitation Less Likely | <strong>Yes</strong> | No | No | | Windows Snipping Tool | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33829">CVE-2026-33829</a> | 4.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C | Exploitation Unlikely | <strong>Yes</strong> | No | No | | Microsoft Entra ID Entitlement Management | <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-35431">CVE-2026-35431</a> | 10.0 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | N/A | <strong>Yes</strong> | No | No |</p> <h2 id="we-are-republishing-139-non-microsoft-cves">We are republishing 139 non-Microsoft CVEs:</h2> <table> <thead> <tr> <th>CNA</th> <th>Tag</th> <th>CVE</th> <th>FAQs?</th> <th>Workarounds?</th> <th>Mitigations?</th> </tr> </thead> <tbody> <tr> <td>AMD</td> <td>Input-Output Memory Management Unit (IOMMU)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-20585">CVE-2023-20585</a></td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>HackerOne</td> <td>Node.js</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-21637">CVE-2026-21637</a></td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>MITRE</td> <td>Windows Secure Boot</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-25250">CVE-2026-25250</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>GitHub</td> <td>GitHub Repo: Git for Windows</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32631">CVE-2026-32631</a></td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5272">CVE-2026-5272</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5273">CVE-2026-5273</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5274">CVE-2026-5274</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5275">CVE-2026-5275</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5276">CVE-2026-5276</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5277">CVE-2026-5277</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5279">CVE-2026-5279</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5280">CVE-2026-5280</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5281">CVE-2026-5281</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5283">CVE-2026-5283</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5284">CVE-2026-5284</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5285">CVE-2026-5285</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5286">CVE-2026-5286</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5287">CVE-2026-5287</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5289">CVE-2026-5289</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5290">CVE-2026-5290</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5291">CVE-2026-5291</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5292">CVE-2026-5292</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5858">CVE-2026-5858</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5859">CVE-2026-5859</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5860">CVE-2026-5860</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5861">CVE-2026-5861</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5862">CVE-2026-5862</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5863">CVE-2026-5863</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5864">CVE-2026-5864</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5865">CVE-2026-5865</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5866">CVE-2026-5866</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5867">CVE-2026-5867</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5868">CVE-2026-5868</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5869">CVE-2026-5869</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5870">CVE-2026-5870</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5871">CVE-2026-5871</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5872">CVE-2026-5872</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5873">CVE-2026-5873</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5874">CVE-2026-5874</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5875">CVE-2026-5875</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5876">CVE-2026-5876</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5877">CVE-2026-5877</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5878">CVE-2026-5878</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5879">CVE-2026-5879</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5880">CVE-2026-5880</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5881">CVE-2026-5881</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5882">CVE-2026-5882</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5883">CVE-2026-5883</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5884">CVE-2026-5884</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5885">CVE-2026-5885</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5886">CVE-2026-5886</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5887">CVE-2026-5887</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5888">CVE-2026-5888</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5889">CVE-2026-5889</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5890">CVE-2026-5890</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5891">CVE-2026-5891</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5892">CVE-2026-5892</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5893">CVE-2026-5893</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5894">CVE-2026-5894</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5895">CVE-2026-5895</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5896">CVE-2026-5896</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5897">CVE-2026-5897</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5898">CVE-2026-5898</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5899">CVE-2026-5899</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5900">CVE-2026-5900</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5901">CVE-2026-5901</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5902">CVE-2026-5902</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5903">CVE-2026-5903</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5904">CVE-2026-5904</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5905">CVE-2026-5905</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5906">CVE-2026-5906</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5907">CVE-2026-5907</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5908">CVE-2026-5908</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5909">CVE-2026-5909</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5910">CVE-2026-5910</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5911">CVE-2026-5911</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5912">CVE-2026-5912</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5913">CVE-2026-5913</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5914">CVE-2026-5914</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5915">CVE-2026-5915</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5918">CVE-2026-5918</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5919">CVE-2026-5919</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6296">CVE-2026-6296</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6297">CVE-2026-6297</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6298">CVE-2026-6298</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6299">CVE-2026-6299</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6300">CVE-2026-6300</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6301">CVE-2026-6301</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6302">CVE-2026-6302</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6303">CVE-2026-6303</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6304">CVE-2026-6304</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6305">CVE-2026-6305</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6306">CVE-2026-6306</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6307">CVE-2026-6307</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6308">CVE-2026-6308</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6309">CVE-2026-6309</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6310">CVE-2026-6310</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6311">CVE-2026-6311</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6312">CVE-2026-6312</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6313">CVE-2026-6313</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6314">CVE-2026-6314</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6316">CVE-2026-6316</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6317">CVE-2026-6317</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6318">CVE-2026-6318</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6359">CVE-2026-6359</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6360">CVE-2026-6360</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6361">CVE-2026-6361</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6362">CVE-2026-6362</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6363">CVE-2026-6363</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6364">CVE-2026-6364</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6919">CVE-2026-6919</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-6921">CVE-2026-6921</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7363">CVE-2026-7363</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7344">CVE-2026-7344</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7343">CVE-2026-7343</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7333">CVE-2026-7333</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7360">CVE-2026-7360</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7359">CVE-2026-7359</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7358">CVE-2026-7358</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7334">CVE-2026-7334</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7357">CVE-2026-7357</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7356">CVE-2026-7356</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7354">CVE-2026-7354</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7353">CVE-2026-7353</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7351">CVE-2026-7351</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7350">CVE-2026-7350</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7349">CVE-2026-7349</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7348">CVE-2026-7348</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7335">CVE-2026-7335</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7336">CVE-2026-7336</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7337">CVE-2026-7337</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7347">CVE-2026-7347</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7346">CVE-2026-7346</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7345">CVE-2026-7345</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7338">CVE-2026-7338</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7341">CVE-2026-7341</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7339">CVE-2026-7339</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7340">CVE-2026-7340</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-7355">CVE-2026-7355</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> </tbody> </table> <h2 id="security-update-guide-blog-posts">Security Update Guide Blog Posts</h2> <table> <thead> <tr> <th>Date</th> <th>Blog Post</th> </tr> </thead> <tbody> <tr> <td>October 31, 2025</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/introducing-new-features-improved-security-experience">You asked, we delivered: Introducing new features for an improved security experience</a></td> </tr> <tr> <td>October 28, 2025</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/understanding-cve-2025-55315">Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know</a></td> </tr> <tr> <td>October 22, 2025</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">Toward greater transparency: Introducing machine-readable Vulnerability Exploitability Xchange (VEX) for Azure Linux and beyond</a></td> </tr> <tr> <td>November 12, 2024</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2024/11/toward-greater-transparency-publishing-machine-readable-csaf-files">Toward greater transparency: Publishing machine-readable CSAF files</a></td> </tr> <tr> <td>June 27, 2024</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2024/06/toward-greater-transparency-unveiling-cloud-service-cves1/">Toward greater transparency: Unveiling Cloud Service CVEs</a></td> </tr> <tr> <td>April 9, 2024</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2024/04/toward-greater-transparency-adopting-the-cwe-standard-for-microsoft-cves">Toward greater transparency: Security Update Guide now shares CWEs for CVEs</a></td> </tr> <tr> <td>January 6, 2023</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2023/01/publishing-cbl-mariner-cves-on-the-security-update-guide-cvrf-api/">Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API</a></td> </tr> <tr> <td>January 11, 2022</td> <td><a href="https://aka.ms/SUGNotificationProfile">Coming Soon: New Security Update Guide Notification System</a></td> </tr> <tr> <td>February 9, 2021</td> <td><a href="https://msrc-blog.microsoft.com/2021/02/09/continuing-to-listen-good-news-about-the-security-update-guide-api/">Continuing to Listen: Good News about the Security Update Guide API</a></td> </tr> <tr> <td>January 13, 2021</td> <td><a href="https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/">Security Update Guide Supports CVEs Assigned by Industry Partners</a></td> </tr> <tr> <td>December 8, 2020</td> <td><a href="https://msrc-blog.microsoft.com/2020/12/08/security-update-guide-lets-keep-the-conversation-going/">Security Update Guide: Let’s keep the conversation going</a></td> </tr> <tr> <td>November 9, 2020</td> <td><a href="https://msrc-blog.microsoft.com/2020/11/09/vulnerability-descriptions-in-the-new-version-of-the-security-update-guide/">Vulnerability Descriptions in the New Version of the Security Update Guide</a></td> </tr> </tbody> </table> <h2 id="relevant-resources">Relevant Resources</h2> <ul> <li>The new Hotpatching feature is now generally available. Please see <a href="https://docs.microsoft.com/en-us/azure/automanage/automanage-hotpatch?WT.mc_id=modinfra-18529-thmaure">Hotpatching feature for Windows Server Azure Edition virtual machines (VMs)</a> for more information.</li> <li>Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the <a href="https://www.catalog.update.microsoft.com/Home.aspx">Microsoft Update Catalog</a>. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see <a href="https://docs.microsoft.com/en-us/lifecycle/faq/windows">Windows Lifecycle Facts Sheet</a>.</li> <li>Microsoft is improving Windows Release Notes. For more information, please see <a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-next-for-windows-release-notes/ba-p/1754399">What's next for Windows release notes</a>.</li> <li>A list of the latest servicing stack updates for each operating system can be found in <a href="https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001">ADV990001</a>. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.</li> <li>In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.</li> <li>Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See <a href="https://support.microsoft.com/en-us/topic/procedure-to-continue-receiving-security-updates-after-extended-support-ends-on-january-14-2020-48c59204-fe67-3f42-84fc-c3c3145ff28e">4522133</a> for more information.</li> </ul> <h2 id="known-issues">Known Issues</h2> <p>You can see these in more detail from the Deployments tab by selecting <strong>Known Issues</strong> column in the <strong>Edit Columns</strong> panel.</p> <p>For more information about Windows Known Issues, please see <a href="https://docs.microsoft.com/en-us/windows/release-information/windows-message-center">Windows message center</a> (links to currently-supported versions of Windows are in the left pane).</p> <table> <thead> <tr> <th>KB Article</th> <th>Applies To</th> </tr> </thead> <tbody> <tr> <td><a href="https://support.microsoft.com/help/5082060">5082060</a></td> <td>Windows Server 2022 23H2</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5082063">5082063</a></td> <td>Windows Server 2025</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5082142">5082142</a></td> <td>Windows Server 2022</td> </tr> </tbody> </table> The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Microsoft Dynamics 365 (online) Microsoft Dynamics 365 (on-premises) version 9.0 Microsoft Power Apps Microsoft 365 Copilot Microsoft Bing Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows Server 2025 (Server Core installation) Windows 11 Version 25H2 for ARM64-based Systems Windows 11 Version 25H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems Windows Server 2025 Windows 11 Version 26H1 for ARM64-based Systems Windows 11 version 26H1 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows App Client for Windows Desktop Remote Desktop client for Windows Desktop Windows Admin Center Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Microsoft Visual Studio Code CoPilot Chat Extension Microsoft Visual Studio 2022 version 17.12 Microsoft Visual Studio 2022 version 17.14 .NET 10.0 installed on Windows .NET 10.0 installed on Mac OS .NET 10.0 installed on Linux .NET 8.0 .NET 8.0 installed on Linux .NET 8.0 installed on Windows .NET 8.0 installed on Mac OS .NET 9.0 installed on Linux .NET 9.0 installed on Windows .NET 9.0 installed on Mac OS Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 4.8 on Windows Server 2012 Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 R2 Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems Microsoft .NET Framework 3.5 on Windows Server 2012 Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for x64-based Systems Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Microsoft Visual Studio 2026 version 18.4 Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems PowerShell 7.5 PowerShell 7.4 PowerShell 7.6 ASP.NET Core 10.0 Microsoft Visual Studio 2026 version 18.5 Microsoft .NET Framework 4.8 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 4.8 on Windows 11 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 4.8.1 on Windows Server 2022 (Server Core installation) Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Server Subscription Edition Office Online Server Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office LTSC 2024 for 32-bit editions Microsoft Office LTSC 2024 for 64-bit editions Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft PowerPoint 2016 (32-bit edition) Microsoft PowerPoint 2016 (64-bit edition) Microsoft Power Apps Desktop Client Azure Monitor Agent Microsoft HPC Pack 2019 Azure Databricks Azure Logic Apps Azure SRE Agent Gateway - SignalR Hub Microsoft Purview eDiscovery Microsoft Partner Center Microsoft Entra ID Azure IOT Central Azure Custom Locations Resource Provider Azure Web Apps Azure AI Foundry Azure Kubernetes Service Microsoft SQL Server 2025 for x64-based Systems (CU3) Microsoft SQL Server 2022 for x64-based Systems (CU 24) Microsoft SQL Server 2017 for x64-based Systems (GDR) Microsoft SQL Server 2019 for x64-based Systems (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack Microsoft SQL Server 2022 for x64-based Systems (GDR) Microsoft SQL Server 2017 for x64-based Systems (CU 31) Microsoft SQL Server 2025 for x64-based Systems (GDR) Microsoft SQL Server 2019 for x64-based Systems (CU 32) Microsoft Edge (Chromium-based) Microsoft Edge for Android Microsoft Defender Antimalware Platform azl3 openssh 9.8p1-5 on Azure Linux 3.0 cbl2 openssh 8.9p1-9 on CBL Mariner 2.0 azl3 openssh 9.8p1-6 on Azure Linux 3.0 cbl2 cmake 3.21.4-23 on CBL Mariner 2.0 cbl2 xz 5.2.5-1 on CBL Mariner 2.0 azl3 rust 1.75.0-27 on Azure Linux 3.0 cbl2 rust 1.72.0-15 on CBL Mariner 2.0 azl3 rust 1.90.0-6 on Azure Linux 3.0 azl3 xz 5.4.4-3 on Azure Linux 3.0 azl3 cups 2.4.16-1 on Azure Linux 3.0 cbl2 cups 2.3.3op2-11 on CBL Mariner 2.0 azl3 kernel 6.6.130.1-3 on Azure Linux 3.0 azl3 kernel 6.6.134.1-2 on Azure Linux 3.0 cbl2 kernel 5.15.202.1-1 on CBL Mariner 2.0 azl3 util-linux 2.40.2-3 on Azure Linux 3.0 cbl2 util-linux 2.37.4-10 on CBL Mariner 2.0 azl3 util-linux 2.40.2-4 on Azure Linux 3.0 cbl2 sudo 1.9.17-1 on CBL Mariner 2.0 azl3 poetry 1.8.3-1 on Azure Linux 3.0 azl3 poetry 1.8.5-1 on Azure Linux 3.0 cbl2 vim 9.2.0240-1 on CBL Mariner 2.0 azl3 vim 9.2.0240-1 on Azure Linux 3.0 cbl2 avahi 0.8-5 on CBL Mariner 2.0 azl3 avahi 0.8-7 on Azure Linux 3.0 azl3 avahi 0.8-8 on Azure Linux 3.0 azl3 openssl 3.3.5-4 on Azure Linux 3.0 azl3 nodejs24 24.14.1-2 on Azure Linux 3.0 azl3 qemu 9.1.0-5 on Azure Linux 3.0 cbl2 cloud-hypervisor-cvm 38.0.72.2-5 on CBL Mariner 2.0 azl3 cloud-hypervisor 48.0.246-4 on Azure Linux 3.0 azl3 nodejs24 24.13.0-3 on Azure Linux 3.0 azl3 qemu 9.1.0-1 on Azure Linux 3.0 azl3 nodejs24 24.14.1-1 on Azure Linux 3.0 azl3 rust 1.90.0-7 on Azure Linux 3.0 azl3 openssl 3.3.5-5 on Azure Linux 3.0 azl3 rust 1.75.0-28 on Azure Linux 3.0 cbl2 cloud-hypervisor 32.0-7 on CBL Mariner 2.0 cbl2 edk2 20230301gitf80f052277c8-47 on CBL Mariner 2.0 cbl2 hvloader 1.0.1-18 on CBL Mariner 2.0 cbl2 openssl 1.1.1k-39 on CBL Mariner 2.0 cbl2 qemu 6.2.0-27 on CBL Mariner 2.0 azl3 pytorch 2.2.2-12 on Azure Linux 3.0 cbl2 pytorch 2.0.0-15 on CBL Mariner 2.0 azl3 kernel 6.6.0.0-1 on Azure Linux 3.0 azl3 containerd2 2.1.6-1 on Azure Linux 3.0 azl3 containerized-data-importer 1.62.0-3 on Azure Linux 3.0 azl3 gh 2.62.0-15 on Azure Linux 3.0 azl3 telegraf 1.31.0-19 on Azure Linux 3.0 azl3 azurelinux-image-tools 1.2.0-2 on Azure Linux 3.0 azl3 cloud-provider-kubevirt 0.5.1-3 on Azure Linux 3.0 azl3 containerd2 2.0.0-18 on Azure Linux 3.0 azl3 containerized-data-importer 1.62.0-2 on Azure Linux 3.0 azl3 coredns 1.11.4-15 on Azure Linux 3.0 azl3 cri-tools 1.32.0-4 on Azure Linux 3.0 cbl2 etcd 3.5.28-1 on CBL Mariner 2.0 azl3 etcd 3.5.28-1 on Azure Linux 3.0 azl3 gh 2.62.0-13 on Azure Linux 3.0 azl3 keda 2.14.1-11 on Azure Linux 3.0 azl3 telegraf 1.31.0-17 on Azure Linux 3.0 azl3 ignition-flatcar 2.22.0-1 on Azure Linux 3.0 cbl2 golang 1.18.8-10 on CBL Mariner 2.0 cbl2 golang 1.22.7-5 on CBL Mariner 2.0 azl3 golang 1.25.8-1 on Azure Linux 3.0 azl3 golang 1.26.1-1 on Azure Linux 3.0 cbl2 msft-golang 1.25.8-1 on CBL Mariner 2.0 azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0 cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0 azl3 tensorflow 2.16.1-11 on Azure Linux 3.0 azl3 golang 1.25.9-1 on Azure Linux 3.0 azl3 golang 1.26.2-1 on Azure Linux 3.0 cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0 cbl2 libcap 2.60-7 on CBL Mariner 2.0 azl3 libcap 2.69-13 on Azure Linux 3.0 azl3 libcap 2.69-14 on Azure Linux 3.0 cbl2 helm 3.14.2-10 on CBL Mariner 2.0 azl3 libpng 1.6.56-1 on Azure Linux 3.0 cbl2 libpng 1.6.56-1 on CBL Mariner 2.0 azl3 systemd 255-26 on Azure Linux 3.0 cbl2 systemd 250.3-24 on CBL Mariner 2.0 azl3 systemd 255-27 on Azure Linux 3.0 cbl2 osslsigncode 2.7-1 on CBL Mariner 2.0 azl3 libexif 0.6.24-2 on Azure Linux 3.0 cbl2 libexif 0.6.24-2 on CBL Mariner 2.0 azl3 libexif 0.6.24-3 on Azure Linux 3.0 azl3 mesa 24.0.1-6 on Azure Linux 3.0 cbl2 mesa 21.0.0-4 on CBL Mariner 2.0 azl3 haproxy 2.9.11-4 on Azure Linux 3.0 azl3 haproxy 2.9.11-5 on Azure Linux 3.0 cbl2 mariadb 10.6.25-1 on CBL Mariner 2.0 azl3 mariadb 10.11.16-1 on Azure Linux 3.0 cbl2 jq 1.6-5 on CBL Mariner 2.0 azl3 containerd2 0.0.0-1 on Azure Linux 3.0 cbl2 expat 2.6.4-4 on CBL Mariner 2.0 azl3 expat 2.6.4-5 on Azure Linux 3.0 azl3 expat 2.6.4-6 on Azure Linux 3.0 azl3 zlib 1.3.2-1 on Azure Linux 3.0 azl3 ruby 3.3.5-7 on Azure Linux 3.0 cbl2 glibc 2.35-10 on CBL Mariner 2.0 azl3 glibc 2.38-19 on Azure Linux 3.0 cbl2 sed 4.8-3 on CBL Mariner 2.0 azl3 sed 4.9-2 on Azure Linux 3.0 azl3 sed 4.9-1 on Azure Linux 3.0 azl3 mysql 8.0.45-2 on Azure Linux 3.0 cbl2 mysql 8.0.45-3 on CBL Mariner 2.0 azl3 libgcrypt 1.10.3-1 on Azure Linux 3.0 cbl2 libgcrypt 1.10.3-1 on CBL Mariner 2.0 azl3 uuid 1.6.2-51 on Azure Linux 3.0 azl3 python-lxml 4.9.3-1 on Azure Linux 3.0 azl3 erlang 26.2.5.18-1 on Azure Linux 3.0 cbl2 erlang 25.3.2.21-5 on CBL Mariner 2.0 cbl2 rpm-ostree 2022.1-8 on CBL Mariner 2.0 azl3 python-cryptography 42.0.5-4 on Azure Linux 3.0 azl3 rpm-ostree 2024.4-8 on Azure Linux 3.0 azl3 trident 0.22.0-1 on Azure Linux 3.0 azl3 clamav 1.5.2-2 on Azure Linux 3.0 azl3 rpm-ostree 2024.4-10 on Azure Linux 3.0 azl3 rust-afterburn 5.8.2-1 on Azure Linux 3.0 azl3 clamav 1.5.2-1 on Azure Linux 3.0 cbl2 xorg-x11-server 1.20.10-16 on CBL Mariner 2.0 azl3 xorg-x11-server-Xwayland 24.1.6-3 on Azure Linux 3.0 azl3 python-pip 24.2-6 on Azure Linux 3.0 cbl2 libinput 1.21.0-2 on CBL Mariner 2.0 azl3 libinput 1.25.0-1 on Azure Linux 3.0 azl3 sleuthkit 4.12.1-1 on Azure Linux 3.0 cbl2 sleuthkit 4.9.0-4 on CBL Mariner 2.0 azl3 kernel 0.0.0-1 on Azure Linux 3.0 azl3 rubygem-addressable 2.8.5-2 on Azure Linux 3.0 cbl2 rubygem-addressable 2.8.0-2 on CBL Mariner 2.0 azl3 edk2 20240524git3e722403cd16-15 on Azure Linux 3.0 azl3 cloud-hypervisor 51.1.56-1 on Azure Linux 3.0 azl3 edk2 20240524git3e722403cd16-16 on Azure Linux 3.0 azl3 docker-buildx 0.14.0-11 on Azure Linux 3.0 azl3 docker-compose 2.27.0-9 on Azure Linux 3.0 azl3 moby-containerd-cc 1.7.7-11 on Azure Linux 3.0 azl3 moby-engine 25.0.3-17 on Azure Linux 3.0 azl3 docker-buildx 0.14.0-10 on Azure Linux 3.0 azl3 docker-compose 2.27.0-8 on Azure Linux 3.0 cbl2 moby-buildx 0.7.1-28 on CBL Mariner 2.0 cbl2 moby-compose 2.17.3-14 on CBL Mariner 2.0 cbl2 moby-containerd 1.6.26-13 on CBL Mariner 2.0 cbl2 moby-containerd-cc 1.7.7-13 on CBL Mariner 2.0 cbl2 moby-engine 24.0.9-19 on CBL Mariner 2.0 cbl2 prometheus 2.37.9-7 on CBL Mariner 2.0 azl3 moby-containerd-cc 1.7.7-10 on Azure Linux 3.0 azl3 moby-engine 25.0.3-15 on Azure Linux 3.0 azl3 skopeo 1.14.4-10 on Azure Linux 3.0 cbl2 containerized-data-importer 1.55.0-28 on CBL Mariner 2.0 cbl2 cri-o 1.22.3-20 on CBL Mariner 2.0 cbl2 gcc 11.2.0-9 on CBL Mariner 2.0 cbl2 libcontainers-common 20210626-7 on CBL Mariner 2.0 cbl2 skopeo 1.14.2-15 on CBL Mariner 2.0 azl3 skopeo 1.14.4-9 on Azure Linux 3.0 azl3 javapackages-bootstrap 1.14.0-4 on Azure Linux 3.0 cbl2 python3 3.9.19-19 on CBL Mariner 2.0 azl3 python3 3.12.9-10 on Azure Linux 3.0 cbl2 rubygem-rdiscount 2.2.0.2-3 on CBL Mariner 2.0 azl3 rubygem-rdiscount 2.2.7.1-1 on Azure Linux 3.0 azl3 rsync 3.4.1-2 on Azure Linux 3.0 cbl2 rsync 3.4.1-2 on CBL Mariner 2.0 azl3 SymCrypt 103.8.0-1 on Azure Linux 3.0 cbl2 libssh 0.10.6-5 on CBL Mariner 2.0 azl3 libssh 0.10.6-7 on Azure Linux 3.0 azl3 httpd 2.4.66-1 on Azure Linux 3.0 cbl2 gh 2.13.0-26 on CBL Mariner 2.0 cbl2 telegraf 1.29.4-22 on CBL Mariner 2.0 azl3 lcms2 2.15-2 on Azure Linux 3.0 cbl2 lcms2 2.13.1-2 on CBL Mariner 2.0 azl3 lcms2 2.15-1 on Azure Linux 3.0 cbl2 ntfs-3g 2022.10.3-2 on CBL Mariner 2.0 azl3 python-virtualenv 20.36.1-2 on Azure Linux 3.0 cbl2 python-virtualenv 20.26.6-3 on CBL Mariner 2.0 azl3 dnsmasq 2.90-1 on Azure Linux 3.0 cbl2 dnsmasq 2.90-1 on CBL Mariner 2.0 azl3 erlang 26.2.5.20-1 on Azure Linux 3.0 cbl2 keras 2.11.0-3 on CBL Mariner 2.0 cbl2 protobuf 3.17.3-5 on CBL Mariner 2.0 azl3 mysql 8.0.46-1 on Azure Linux 3.0 azl3 protobuf 25.3-6 on Azure Linux 3.0 azl3 pytorch 2.2.2-14 on Azure Linux 3.0 azl3 python-mako 1.2.4-2 on Azure Linux 3.0 cbl2 python-mako 1.2.2-2 on CBL Mariner 2.0 azl3 opensc 0.26.1-1 on Azure Linux 3.0 cbl2 opensc 0.23.0-5 on CBL Mariner 2.0 cbl2 libsoup 3.0.4-13 on CBL Mariner 2.0 azl3 libsoup 3.4.4-15 on Azure Linux 3.0 cbl2 libxml2 2.10.4-11 on CBL Mariner 2.0 azl3 libxml2 2.11.5-9 on Azure Linux 3.0 azl3 xz 5.4.4-2 on Azure Linux 3.0 azl3 sudo 1.9.17-1 on Azure Linux 3.0 azl3 jq 1.7.1-4 on Azure Linux 3.0 cbl2 python-lxml 4.9.1-1 on CBL Mariner 2.0 azl3 thrift 0.15.0-5 on Azure Linux 3.0 azl3 gcc 13.2.0-7 on Azure Linux 3.0 azl3 libcontainers-common 20240213-3 on Azure Linux 3.0 azl3 ntfs-3g 2022.10.3-2 on Azure Linux 3.0 azl3 grpc 1.62.3-1 on Azure Linux 3.0 cbl2 grpc 1.42.0-11 on CBL Mariner 2.0 azl3 nano 6.4-2 on Azure Linux 3.0 azl3 emacs 29.4-3 on Azure Linux 3.0 cbl2 emacs 29.4-3 on CBL Mariner 2.0 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft PowerPoint 2016 (32-bit edition) Microsoft PowerPoint 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Windows Server 2016 Office Online Server Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 (Server Core installation) Microsoft SharePoint Enterprise Server 2016 Microsoft SQL Server 2017 for x64-based Systems (GDR) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft SharePoint Server 2019 Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Windows Admin Center Microsoft .NET Framework 4.8 on Windows Server 2012 Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 R2 Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 4.8 on Windows 11 Version 22H2 for x64-based Systems Microsoft .NET Framework 4.8 on Windows 10 Version 22H2 for x64-based Systems Microsoft Edge (Chromium-based) Microsoft Dynamics 365 (on-premises) version 9.0 Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 11 version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Microsoft Defender Antimalware Platform Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Edge for Android Microsoft SQL Server 2019 for x64-based Systems (GDR) Remote Desktop client for Windows Desktop Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) Azure Kubernetes Service Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft SharePoint Server Subscription Edition Azure Databricks Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack Microsoft .NET Framework 4.8.1 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for x64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Microsoft SQL Server 2017 for x64-based Systems (CU 31) Microsoft SQL Server 2022 for x64-based Systems (GDR) Microsoft Power Apps Azure Logic Apps Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) .NET 8.0 PowerShell 7.4 Azure Monitor Agent Microsoft Entra ID Azure Web Apps Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems .NET 8.0 installed on Windows .NET 8.0 installed on Linux .NET 8.0 installed on Mac OS Microsoft Office LTSC 2024 for 32-bit editions Microsoft Office LTSC 2024 for 64-bit editions Microsoft Partner Center .NET 9.0 installed on Linux .NET 9.0 installed on Mac OS .NET 9.0 installed on Windows Windows Server 2025 Windows Server 2025 (Server Core installation) Microsoft Office LTSC for Mac 2024 Microsoft HPC Pack 2019 Windows App Client for Windows Desktop Microsoft Visual Studio 2022 version 17.12 Microsoft Bing Azure AI Foundry Microsoft Power Apps Desktop Client Microsoft 365 Copilot Microsoft Visual Studio 2022 version 17.14 Microsoft Visual Studio Code CoPilot Chat Extension Microsoft SQL Server 2019 for x64-based Systems (CU 32) PowerShell 7.5 azl3 syslinux 6.04-11 on Azure Linux 3.0 cbl2 emacs 29.4-3 on CBL Mariner 2.0 azl3 emacs 29.4-3 on Azure Linux 3.0 azl3 thrift 0.15.0-5 on Azure Linux 3.0 azl3 grpc 1.62.3-1 on Azure Linux 3.0 azl3 nano 6.4-2 on Azure Linux 3.0 azl3 libcontainers-common 20240213-3 on Azure Linux 3.0 cbl2 grpc 1.42.0-11 on CBL Mariner 2.0 azl3 ntfs-3g 2022.10.3-2 on Azure Linux 3.0 azl3 gcc 13.2.0-7 on Azure Linux 3.0 cbl2 syslinux 6.04-10 on CBL Mariner 2.0 cbl2 python-lxml 4.9.1-1 on CBL Mariner 2.0 azl3 xz 5.4.4-2 on Azure Linux 3.0 azl3 sudo 1.9.17-1 on Azure Linux 3.0 azl3 jq 1.7.1-4 on Azure Linux 3.0 azl3 qtbase 6.6.3-4 on Azure Linux 3.0 cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0 azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0 cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0 azl3 poetry 1.8.3-1 on Azure Linux 3.0 cbl2 libcontainers-common 20210626-7 on CBL Mariner 2.0 cbl2 cloud-hypervisor-cvm 38.0.72.2-5 on CBL Mariner 2.0 cbl2 opensc 0.23.0-5 on CBL Mariner 2.0 cbl2 rabbitmq-server 3.11.24-3 on CBL Mariner 2.0 cbl2 keras 2.11.0-3 on CBL Mariner 2.0 cbl2 nano 6.0-3 on CBL Mariner 2.0 azl3 sleuthkit 4.12.1-1 on Azure Linux 3.0 cbl2 cloud-hypervisor 32.0-7 on CBL Mariner 2.0 cbl2 ntfs-3g 2022.10.3-2 on CBL Mariner 2.0 cbl2 sudo 1.9.17-1 on CBL Mariner 2.0 cbl2 perl 5.34.1-491 on CBL Mariner 2.0 azl3 perl 5.38.2-509 on Azure Linux 3.0 cbl2 xorg-x11-server 1.20.10-16 on CBL Mariner 2.0 cbl2 libsndfile 1.0.31-4 on CBL Mariner 2.0 cbl2 golang 1.22.7-5 on CBL Mariner 2.0 cbl2 kata-containers 3.2.0.azl2-7 on CBL Mariner 2.0 cbl2 kata-containers-cc 3.2.0.azl2-8 on CBL Mariner 2.0 Windows 11 Version 25H2 for ARM64-based Systems Windows 11 Version 25H2 for x64-based Systems cbl2 golang 1.18.8-10 on CBL Mariner 2.0 cbl2 fio 3.30-3 on CBL Mariner 2.0 azl3 fio 3.37-3 on Azure Linux 3.0 cbl2 gdb 11.2-10 on CBL Mariner 2.0 cbl2 jq 1.6-5 on CBL Mariner 2.0 cbl2 openssh 8.9p1-9 on CBL Mariner 2.0 azl3 openssh 9.8p1-5 on Azure Linux 3.0 cbl2 gcc 11.2.0-9 on CBL Mariner 2.0 cbl2 libssh 0.10.6-5 on CBL Mariner 2.0 cbl2 moby-engine 24.0.9-19 on CBL Mariner 2.0 cbl2 ceph 16.2.10-11 on CBL Mariner 2.0 cbl2 rsync 3.4.1-2 on CBL Mariner 2.0 azl3 rsync 3.4.1-2 on Azure Linux 3.0 azl3 haproxy 2.9.11-4 on Azure Linux 3.0 azl3 cups 2.4.16-1 on Azure Linux 3.0 Microsoft SQL Server 2025 for x64-based Systems (GDR) cbl2 cups 2.3.3op2-11 on CBL Mariner 2.0 cbl2 util-linux 2.37.4-10 on CBL Mariner 2.0 azl3 util-linux 2.40.2-3 on Azure Linux 3.0 cbl2 qt5-qtbase 5.12.11-19 on CBL Mariner 2.0 .NET 10.0 installed on Windows .NET 10.0 installed on Mac OS .NET 10.0 installed on Linux Azure IOT Central Windows 11 version 26H1 for x64-based Systems Windows 11 Version 26H1 for ARM64-based Systems cbl2 avahi 0.8-5 on CBL Mariner 2.0 azl3 avahi 0.8-7 on Azure Linux 3.0 cbl2 frr 8.5.5-5 on CBL Mariner 2.0 cbl2 rpm-ostree 2022.1-8 on CBL Mariner 2.0 azl3 ruby 3.3.5-7 on Azure Linux 3.0 azl3 libsndfile 1.2.2-4 on Azure Linux 3.0 azl3 krb5 1.21.3-3 on Azure Linux 3.0 cbl2 krb5 1.19.4-5 on CBL Mariner 2.0 azl3 gnutls 3.8.3-8 on Azure Linux 3.0 cbl2 gnutls 3.7.11-6 on CBL Mariner 2.0 ASP.NET Core 10.0 cbl2 kubernetes 1.28.4-25 on CBL Mariner 2.0 cbl2 glibc 2.35-10 on CBL Mariner 2.0 cbl2 binutils 2.37-20 on CBL Mariner 2.0 cbl2 python3 3.9.19-19 on CBL Mariner 2.0 cbl2 libxml2 2.10.4-11 on CBL Mariner 2.0 cbl2 helm 3.14.2-10 on CBL Mariner 2.0 cbl2 expat 2.6.4-4 on CBL Mariner 2.0 cbl2 kubevirt 0.59.0-38 on CBL Mariner 2.0 cbl2 cert-manager 1.11.2-27 on CBL Mariner 2.0 azl3 libxml2 2.11.5-9 on Azure Linux 3.0 azl3 qemu 9.1.0-1 on Azure Linux 3.0 azl3 python-pip 24.2-6 on Azure Linux 3.0 azl3 pytorch 2.2.2-12 on Azure Linux 3.0 cbl2 cri-tools 1.29.0-9 on CBL Mariner 2.0 azl3 cert-manager 1.12.15-6 on Azure Linux 3.0 azl3 cloud-provider-kubevirt 0.5.1-3 on Azure Linux 3.0 azl3 containerd2 2.0.0-18 on Azure Linux 3.0 azl3 containerized-data-importer 1.62.0-2 on Azure Linux 3.0 azl3 cri-tools 1.32.0-4 on Azure Linux 3.0 azl3 docker-buildx 0.14.0-10 on Azure Linux 3.0 azl3 docker-compose 2.27.0-8 on Azure Linux 3.0 azl3 gh 2.62.0-13 on Azure Linux 3.0 cbl2 kured 1.14.2-7 on CBL Mariner 2.0 cbl2 moby-compose 2.17.3-14 on CBL Mariner 2.0 cbl2 moby-containerd 1.6.26-13 on CBL Mariner 2.0 cbl2 moby-containerd-cc 1.7.7-13 on CBL Mariner 2.0 azl3 keda 2.14.1-11 on Azure Linux 3.0 cbl2 prometheus 2.37.9-7 on CBL Mariner 2.0 azl3 kured 1.15.0-3 on Azure Linux 3.0 azl3 moby-containerd-cc 1.7.7-10 on Azure Linux 3.0 azl3 tensorflow 2.16.1-11 on Azure Linux 3.0 azl3 mariadb 10.11.16-1 on Azure Linux 3.0 azl3 nodejs24 24.13.0-3 on Azure Linux 3.0 azl3 systemd 255-26 on Azure Linux 3.0 Azure SRE Agent Gateway - SignalR Hub cbl2 osslsigncode 2.7-1 on CBL Mariner 2.0 azl3 rubygem-rdiscount 2.2.7.1-1 on Azure Linux 3.0 cbl2 rubygem-rdiscount 2.2.0.2-3 on CBL Mariner 2.0 Microsoft SQL Server 2025 for x64-based Systems (CU3) Microsoft SQL Server 2022 for x64-based Systems (CU 24) cbl2 kernel 5.15.202.1-1 on CBL Mariner 2.0 azl3 kernel 6.6.130.1-3 on Azure Linux 3.0 azl3 erlang 26.2.5.18-1 on Azure Linux 3.0 azl3 python3 3.12.9-10 on Azure Linux 3.0 cbl2 pytorch 2.0.0-15 on CBL Mariner 2.0 azl3 libpng 1.6.56-1 on Azure Linux 3.0 cbl2 libpng 1.6.56-1 on CBL Mariner 2.0 cbl2 rust 1.72.0-15 on CBL Mariner 2.0 azl3 rust 1.75.0-27 on Azure Linux 3.0 azl3 golang 1.25.8-1 on Azure Linux 3.0 cbl2 libsoup 3.0.4-13 on CBL Mariner 2.0 azl3 golang 1.26.1-1 on Azure Linux 3.0 cbl2 msft-golang 1.25.8-1 on CBL Mariner 2.0 cbl2 qemu 6.2.0-27 on CBL Mariner 2.0 azl3 cmake 3.30.3-13 on Azure Linux 3.0 cbl2 cmake 3.21.4-23 on CBL Mariner 2.0 azl3 rust 1.90.0-6 on Azure Linux 3.0 cbl2 systemd 250.3-24 on CBL Mariner 2.0 cbl2 telegraf 1.29.4-22 on CBL Mariner 2.0 azl3 telegraf 1.31.0-17 on Azure Linux 3.0 cbl2 nodejs18 18.20.3-12 on CBL Mariner 2.0 cbl2 libexif 0.6.24-2 on CBL Mariner 2.0 azl3 rpm-ostree 2024.4-8 on Azure Linux 3.0 cbl2 python-virtualenv 20.26.6-3 on CBL Mariner 2.0 azl3 glibc 2.38-19 on Azure Linux 3.0 cbl2 mariadb 10.6.25-1 on CBL Mariner 2.0 azl3 python-virtualenv 20.36.1-2 on Azure Linux 3.0 cbl2 erlang 25.3.2.21-5 on CBL Mariner 2.0 azl3 opensc 0.26.1-1 on Azure Linux 3.0 azl3 vim 9.2.0240-1 on Azure Linux 3.0 azl3 cloud-hypervisor 48.0.246-4 on Azure Linux 3.0 cbl2 mysql 8.0.45-3 on CBL Mariner 2.0 azl3 mysql 8.0.45-2 on Azure Linux 3.0 cbl2 vim 9.2.0240-1 on CBL Mariner 2.0 Azure Custom Locations Resource Provider azl3 python-cryptography 42.0.5-4 on Azure Linux 3.0 Microsoft Visual Studio 2026 version 18.4 cbl2 xz 5.2.5-1 on CBL Mariner 2.0 azl3 openssl 3.3.5-4 on Azure Linux 3.0 cbl2 libinput 1.21.0-2 on CBL Mariner 2.0 azl3 libinput 1.25.0-1 on Azure Linux 3.0 azl3 kernel 0.0.0-1 on Azure Linux 3.0 azl3 kernel 6.6.0.0-1 on Azure Linux 3.0 azl3 rubygem-addressable 2.8.5-2 on Azure Linux 3.0 cbl2 rubygem-addressable 2.8.0-2 on CBL Mariner 2.0 azl3 edk2 20240524git3e722403cd16-15 on Azure Linux 3.0 azl3 azurelinux-image-tools 1.2.0-2 on Azure Linux 3.0 cbl2 moby-buildx 0.7.1-28 on CBL Mariner 2.0 azl3 moby-engine 25.0.3-15 on Azure Linux 3.0 azl3 coredns 1.11.4-15 on Azure Linux 3.0 cbl2 etcd 3.5.28-1 on CBL Mariner 2.0 azl3 etcd 3.5.28-1 on Azure Linux 3.0 cbl2 edk2 20230301gitf80f052277c8-47 on CBL Mariner 2.0 cbl2 hvloader 1.0.1-18 on CBL Mariner 2.0 cbl2 openssl 1.1.1k-39 on CBL Mariner 2.0 cbl2 containerized-data-importer 1.55.0-28 on CBL Mariner 2.0 cbl2 cri-o 1.22.3-20 on CBL Mariner 2.0 cbl2 skopeo 1.14.2-15 on CBL Mariner 2.0 azl3 skopeo 1.14.4-9 on Azure Linux 3.0 cbl2 libcap 2.60-7 on CBL Mariner 2.0 azl3 libcap 2.69-13 on Azure Linux 3.0 azl3 nodejs24 24.14.1-1 on Azure Linux 3.0 cbl2 sleuthkit 4.9.0-4 on CBL Mariner 2.0 azl3 javapackages-bootstrap 1.14.0-4 on Azure Linux 3.0 azl3 libexif 0.6.24-2 on Azure Linux 3.0 azl3 mesa 24.0.1-6 on Azure Linux 3.0 azl3 binutils 2.41-11 on Azure Linux 3.0 azl3 gdb 13.2-7 on Azure Linux 3.0 azl3 libsoup 3.4.4-15 on Azure Linux 3.0 azl3 golang 1.25.9-1 on Azure Linux 3.0 azl3 expat 2.6.4-5 on Azure Linux 3.0 azl3 avahi 0.8-8 on Azure Linux 3.0 azl3 golang 1.26.2-1 on Azure Linux 3.0 azl3 frr 10.5.0-2 on Azure Linux 3.0 azl3 libssh 0.10.6-7 on Azure Linux 3.0 azl3 xz 5.4.4-3 on Azure Linux 3.0 azl3 util-linux 2.40.2-4 on Azure Linux 3.0 azl3 libcap 2.69-14 on Azure Linux 3.0 azl3 containerd2 0.0.0-1 on Azure Linux 3.0 azl3 SymCrypt 103.8.0-1 on Azure Linux 3.0 azl3 cloud-hypervisor 51.1.56-1 on Azure Linux 3.0 Microsoft Dynamics 365 (online) azl3 httpd 2.4.66-1 on Azure Linux 3.0 cbl2 mesa 21.0.0-4 on CBL Mariner 2.0 azl3 zlib 1.3.2-1 on Azure Linux 3.0 azl3 clamav 1.5.2-1 on Azure Linux 3.0 cbl2 gh 2.13.0-26 on CBL Mariner 2.0 cbl2 lcms2 2.13.1-2 on CBL Mariner 2.0 azl3 lcms2 2.15-1 on Azure Linux 3.0 PowerShell 7.6 azl3 sed 4.9-1 on Azure Linux 3.0 cbl2 sed 4.8-3 on CBL Mariner 2.0 azl3 dnsmasq 2.90-1 on Azure Linux 3.0 cbl2 dnsmasq 2.90-1 on CBL Mariner 2.0 azl3 protobuf 25.3-6 on Azure Linux 3.0 cbl2 protobuf 3.17.3-5 on CBL Mariner 2.0 Microsoft Purview eDiscovery azl3 libgcrypt 1.10.3-1 on Azure Linux 3.0 azl3 uuid 1.6.2-51 on Azure Linux 3.0 cbl2 libgcrypt 1.10.3-1 on CBL Mariner 2.0 azl3 python-mako 1.2.4-2 on Azure Linux 3.0 azl3 python-lxml 4.9.3-1 on Azure Linux 3.0 cbl2 python-mako 1.2.2-2 on CBL Mariner 2.0 azl3 trident 0.22.0-1 on Azure Linux 3.0 Microsoft Visual Studio 2026 version 18.5 azl3 ignition-flatcar 2.22.0-1 on Azure Linux 3.0 azl3 xorg-x11-server-Xwayland 24.1.6-3 on Azure Linux 3.0 azl3 kernel 6.6.134.1-2 on Azure Linux 3.0 azl3 rust 1.75.0-28 on Azure Linux 3.0 azl3 qemu 9.1.0-5 on Azure Linux 3.0 azl3 nodejs 20.14.0-15 on Azure Linux 3.0 azl3 kata-containers-cc 3.15.0.aks0-9 on Azure Linux 3.0 azl3 rpm-ostree 2024.4-10 on Azure Linux 3.0 azl3 clamav 1.5.2-2 on Azure Linux 3.0 azl3 kubernetes 1.30.10-23 on Azure Linux 3.0 azl3 telegraf 1.31.0-19 on Azure Linux 3.0 azl3 nodejs24 24.14.1-2 on Azure Linux 3.0 azl3 openssh 9.8p1-6 on Azure Linux 3.0 azl3 pytorch 2.2.2-14 on Azure Linux 3.0 azl3 poetry 1.8.5-1 on Azure Linux 3.0 azl3 openssl 3.3.5-5 on Azure Linux 3.0 azl3 rust 1.90.0-7 on Azure Linux 3.0 azl3 edk2 20240524git3e722403cd16-16 on Azure Linux 3.0 azl3 erlang 26.2.5.20-1 on Azure Linux 3.0 azl3 containerd2 2.1.6-1 on Azure Linux 3.0 azl3 mysql 8.0.46-1 on Azure Linux 3.0 azl3 docker-buildx 0.14.0-11 on Azure Linux 3.0 azl3 docker-compose 2.27.0-9 on Azure Linux 3.0 azl3 moby-containerd-cc 1.7.7-11 on Azure Linux 3.0 azl3 moby-engine 25.0.3-17 on Azure Linux 3.0 azl3 containerized-data-importer 1.62.0-3 on Azure Linux 3.0 azl3 gh 2.62.0-15 on Azure Linux 3.0 azl3 expat 2.6.4-6 on Azure Linux 3.0 azl3 skopeo 1.14.4-10 on Azure Linux 3.0 azl3 influxdb 2.7.5-15 on Azure Linux 3.0 azl3 systemd 255-27 on Azure Linux 3.0 azl3 libexif 0.6.24-3 on Azure Linux 3.0 azl3 kata-containers 3.19.1.kata3-1 on Azure Linux 3.0 azl3 haproxy 2.9.11-5 on Azure Linux 3.0 azl3 lcms2 2.15-2 on Azure Linux 3.0 azl3 sed 4.9-2 on Azure Linux 3.0 azl3 rust-afterburn 5.8.2-1 on Azure Linux 3.0 azl3 kf-kcoreaddons 5.249.0-1 on Azure Linux 3.0 cbl2 kf5-kcoreaddons 5.61.0-4 on CBL Mariner 2.0 azl3 kubevirt 1.7.1-2 on Azure Linux 3.0 azl3 kernel-hwe 0:6.12-1 on Azure Linux 3.0 azl3 kernel 6.6.137.1-2 on Azure Linux 3.0 azl3 libgcrypt 1.10.3-2 on Azure Linux 3.0 azl3 python-mako 1.2.4-3 on Azure Linux 3.0 azl3 ruby 3.3.5-8 on Azure Linux 3.0 azl3 python-lxml 4.9.3-2 on Azure Linux 3.0 azl3 emacs 29.4-4 on Azure Linux 3.0 azl3 ignition-flatcar 2.22.0-2 on Azure Linux 3.0 azl3 xorg-x11-server-Xwayland 24.1.6-4 on Azure Linux 3.0 azl3 frr 10.5.0-3 on Azure Linux 3.0 azl3 containerd2 2.1.6-2 on Azure Linux 3.0 azl3 ocaml-dune 3.15.2-1 on Azure Linux 3.0 azl3 kernel 6.6.138.1-1 on Azure Linux 3.0 azl3 python-click 8.1.7-2 on Azure Linux 3.0 azl3 kernel 6.6.139.1-1 on Azure Linux 3.0 azl3 nodejs 24.14.1-3 on Azure Linux 3.0 Microsoft .NET Framework 3.5 on Windows Server 2012 Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters. Mariner mitre Yes CVE-2026-35414 Always-Incorrect Control Flow Implementation 20632-17084 20608-17086 21261-17084 20632-17084 20608-17086 21261-17084 Moderate 20632-17084 Low 20608-17086 Moderate 21261-17084 4.2 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N 20632-17084 4.2 3.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U 20608-17086 4.2 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N 21261-17084 2.0 2026-04-05T01:02:37 <p>Information published.</p> 3.0 2026-04-07T01:41:35 <p>Information published.</p> 4.0 2026-04-29T14:44:22 <p>Information published.</p> 1.0 2026-04-04T01:02:14 <p>Information published.</p> In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config. Mariner mitre Yes CVE-2026-35386 Incorrect Behavior Order 20632-17084 20608-17086 20632-17084 20608-17086 Low 20632-17084 Low 20608-17086 3.6 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N 20632-17084 3.6 3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U 20608-17086 CBL-Mariner Releases 20632-17084 No Security Update 9.8p1-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20632-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:20 <p>Information published.</p> 2.0 2026-04-07T01:02:11 <p>Information published.</p> 3.0 2026-04-11T01:39:56 <p>Information published.</p> XZ Utils: Buffer overflow in lzma_index_append() Mariner GitHub_M Yes CVE-2026-34743 Heap-based Buffer Overflow 19442-17084 21120-17086 21167-17086 21110-17084 21108-17086 21123-17084 21212-17084 19442-17084 21120-17086 21167-17086 21110-17084 21108-17086 21123-17084 21212-17084 Low 19442-17084 Low 21120-17086 Low 21167-17086 Low 21110-17084 Low 21108-17086 Low 21123-17084 Low 21212-17084 CBL-Mariner Releases 19442-17084 21212-17084 No Security Update 5.4.4-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19442-17084 21212-17084 CBL-Mariner Releases CBL-Mariner Releases 21167-17086 No Security Update 5.2.5-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21167-17086 CBL-Mariner Releases CBL-Mariner Releases 21110-17084 No Security Update 1.75.0-28 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21110-17084 CBL-Mariner Releases CBL-Mariner Releases 21108-17086 No Security Update 1.72.0-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21108-17086 CBL-Mariner Releases CBL-Mariner Releases 21123-17084 No Security Update 1.90.0-7 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21123-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:38 <p>Information published.</p> 2.0 2026-04-07T01:01:44 <p>Information published.</p> 3.0 2026-04-09T14:38:23 <p>Information published.</p> 4.0 2026-04-11T01:40:16 <p>Information published.</p> 5.0 2026-04-14T14:44:33 <p>Information published.</p> 6.0 2026-04-15T01:42:40 <p>Information published.</p> OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) Mariner GitHub_M Yes CVE-2026-34978 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 6.5 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P 20737-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-05T01:01:34 <p>Information published.</p> 2.0 2026-04-07T01:40:49 <p>Information published.</p> 3.0 2026-04-09T01:01:30 <p>Information published.</p> 4.0 2026-04-18T14:37:47 <p>Information published.</p> 5.0 2026-04-30T01:49:24 <p>Information published.</p> OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup Mariner GitHub_M Yes CVE-2026-27447 Incorrect Authorization 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 4.8 4.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N/E:P 20737-17084 4.8 4.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-05T01:01:39 <p>Information published.</p> 2.0 2026-04-07T01:01:49 <p>Information published.</p> 3.0 2026-04-07T01:40:54 <p>Information published.</p> 4.0 2026-04-18T14:37:53 <p>Information published.</p> io_uring/poll: fix multishot recv missing EOF on wakeup race Mariner Linux Yes CVE-2026-23473 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 1.0 2026-04-05T01:01:50 <p>Information published.</p> 3.0 2026-04-29T14:44:47 <p>Information published.</p> 2.0 2026-04-07T01:41:05 <p>Information published.</p> mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations Mariner Linux Yes CVE-2026-31394 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.130.1-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-05T01:02:02 <p>Information published.</p> 2.0 2026-04-07T14:37:49 <p>Information published.</p> drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Mariner Linux Yes CVE-2026-23468 21094-17084 21248-17084 21332-17084 21308-17084 21344-17084 21094-17084 21248-17084 21332-17084 21308-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21332-17084 Moderate 21308-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-05T01:02:13 <p>Information published.</p> 2.0 2026-04-07T01:41:20 <p>Information published.</p> 5.0 2026-05-11T01:48:52 <p>Information published.</p> 3.0 2026-04-29T14:45:24 <p>Information published.</p> 4.0 2026-05-06T14:51:24 <p>Information published.</p> 6.0 2026-05-17T14:49:58 <p>Information published.</p> ipv6: add NULL checks for idev in SRv6 paths Mariner Linux Yes CVE-2026-23442 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 1.0 2026-04-05T01:02:19 <p>Information published.</p> 3.0 2026-04-25T01:05:24 <p>Information published.</p> 4.0 2026-04-29T14:45:37 <p>Information published.</p> 5.0 2026-05-02T14:38:31 <p>Information published.</p> 2.0 2026-04-07T01:41:25 <p>Information published.</p> util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup Mariner GitHub_M Yes CVE-2026-27456 Improper Link Resolution Before File Access ('Link Following') 20804-17084 20786-17086 21213-17084 20804-17084 20786-17086 21213-17084 Moderate 20804-17084 Moderate 20786-17086 Moderate 21213-17084 4.7 4.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U 20804-17084 4.7 4.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U 20786-17086 4.7 4.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U 21213-17084 CBL-Mariner Releases 20804-17084 21213-17084 No Security Update 2.40.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20804-17084 21213-17084 CBL-Mariner Releases CBL-Mariner Releases 20786-17086 No Security Update 2.37.4-11 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20786-17086 CBL-Mariner Releases 1.0 2026-04-05T01:02:24 <p>Information published.</p> 1.1 2026-04-06T14:38:10 <p>Information published.</p> 2.0 2026-04-07T01:02:16 <p>Information published.</p> 6.0 2026-05-01T01:39:25 <p>Information published.</p> 3.0 2026-04-07T01:41:30 <p>Information published.</p> 4.0 2026-04-14T01:41:50 <p>Information published.</p> 5.0 2026-04-14T14:44:40 <p>Information published.</p> In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation. Mariner mitre Yes CVE-2026-35535 Privilege Dropping / Lowering Errors 20260-17086 19595-17084 20260-17086 19595-17084 Important 20260-17086 Important 19595-17084 7.4 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 20260-17086 7.4 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 19595-17084 CBL-Mariner Releases 20260-17086 19595-17084 No Security Update 1.9.17-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20260-17086 19595-17084 CBL-Mariner Releases 1.0 2026-04-05T01:02:45 <p>Information published.</p> 2.0 2026-04-06T14:38:26 <p>Information published.</p> 3.0 2026-04-11T01:40:10 <p>Information published.</p> 4.0 2026-04-24T14:38:29 <p>Information published.</p> ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION Mariner Linux Yes CVE-2026-31410 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 21094-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 21248-17084 2.0 2026-04-29T14:45:49 <p>Information published.</p> 1.0 2026-04-07T01:01:16 <p>Information published.</p> 3.0 2026-04-30T01:48:55 <p>Information published.</p> netfilter: conntrack: add missing netlink policy validations Mariner Linux Yes CVE-2026-31407 21248-17084 21094-17084 21248-17084 21094-17084 Important 21248-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21248-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-07T01:01:22 <p>Information published.</p> 2.0 2026-04-29T14:46:01 <p>Information published.</p> 3.0 2026-05-01T14:38:27 <p>Information published.</p> Util-linux: util-linux: access control bypass due to improper hostname canonicalization Mariner redhat Yes CVE-2026-3184 Authentication Bypass by Alternate Name 20786-17086 20804-17084 21213-17084 20786-17086 20804-17084 21213-17084 Low 20786-17086 Low 20804-17084 Low 21213-17084 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 20786-17086 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 20804-17084 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 21213-17084 CBL-Mariner Releases 20786-17086 No Security Update 2.37.4-11 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20786-17086 CBL-Mariner Releases CBL-Mariner Releases 20804-17084 21213-17084 No Security Update 2.40.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20804-17084 21213-17084 CBL-Mariner Releases 1.0 2026-04-07T01:02:25 <p>Information published.</p> 3.0 2026-04-14T14:44:51 <p>Information published.</p> 2.0 2026-04-14T01:41:57 <p>Information published.</p> 4.0 2026-05-01T01:39:32 <p>Information published.</p> Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write Mariner GitHub_M Yes CVE-2026-34591 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 19719-17084 21263-17084 19719-17084 21263-17084 Important 19719-17084 Important 21263-17084 CBL-Mariner Releases 19719-17084 21263-17084 No Security Update 1.8.5-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19719-17084 21263-17084 CBL-Mariner Releases 3.0 2026-04-29T14:46:31 <p>Information published.</p> 1.0 2026-04-07T01:02:30 <p>Information published.</p> 2.0 2026-04-29T01:47:49 <p>Information published.</p> Vim modeline bypass via various options affects Vim < 9.2.0276 Mariner GitHub_M Yes CVE-2026-34982 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 21163-17086 21147-17084 21163-17086 21147-17084 Important 21163-17086 Important 21147-17084 8.2 8.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N 21163-17086 8.2 8.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N 21147-17084 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0315-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 1.0 2026-04-08T01:01:19 <p>Information published.</p> 2.0 2026-04-09T01:02:34 <p>Information published.</p> Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon Mariner GitHub_M Yes CVE-2026-34933 Reachable Assertion 20861-17086 20862-17084 21205-17084 20861-17086 20862-17084 21205-17084 Moderate 20861-17086 Moderate 20862-17084 Moderate 21205-17084 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 20861-17086 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 20862-17084 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21205-17084 CBL-Mariner Releases 20861-17086 No Security Update 0.8-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20861-17086 CBL-Mariner Releases CBL-Mariner Releases 20862-17084 21205-17084 No Security Update 0.8-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20862-17084 21205-17084 CBL-Mariner Releases 1.0 2026-04-09T01:01:25 <p>Information published.</p> 2.0 2026-04-13T14:38:48 <p>Information published.</p> 3.0 2026-04-14T14:44:57 <p>Information published.</p> CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` Mariner GitHub_M Yes CVE-2026-39314 Integer Underflow (Wrap or Wraparound) 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 4.0 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20737-17084 4.0 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-09T01:01:57 <p>Information published.</p> 3.0 2026-04-18T14:38:20 <p>Information published.</p> 2.0 2026-04-11T01:01:16 <p>Information published.</p> Heap Buffer Overflow in Hexadecimal Conversion Mariner openssl Yes CVE-2026-31789 Out-of-bounds Write 21168-17084 21259-17084 21250-17084 19805-17086 21154-17084 21059-17084 20963-17084 21110-17084 21123-17084 21192-17084 21266-17084 21370-17084 21168-17084 21259-17084 21250-17084 19805-17086 21154-17084 21059-17084 20963-17084 21110-17084 21123-17084 21192-17084 21266-17084 21370-17084 Moderate 21168-17084 Moderate 21259-17084 Moderate 21250-17084 Important 19805-17086 Important 21154-17084 Moderate 21059-17084 Moderate 20963-17084 Important 21110-17084 Moderate 21123-17084 Moderate 21192-17084 Moderate 21266-17084 21370-17084 4.7 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 21168-17084 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 19805-17086 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 21154-17084 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 21110-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 5.0 2026-04-15T01:45:06 <p>Information published.</p> 6.0 2026-04-29T14:53:21 <p>Information published.</p> 1.0 2026-04-09T01:02:03 <p>Information published.</p> 2.0 2026-04-10T14:39:30 <p>Information published.</p> 3.0 2026-04-11T01:05:12 <p>Information published.</p> 4.0 2026-04-14T14:45:44 <p>Information published.</p> 7.0 2026-04-30T01:53:04 <p>Information published.</p> 8.0 2026-05-31T01:03:05 <p>Information published.</p> Potential Use-after-free in DANE Client Code Mariner openssl Yes CVE-2026-28387 Use After Free 21264-17084 21250-17084 21249-17084 21168-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21059-17084 21118-17086 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 21259-17084 21266-17084 21370-17084 21264-17084 21250-17084 21249-17084 21168-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21059-17084 21118-17086 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 21259-17084 21266-17084 21370-17084 Low 21264-17084 Moderate 21250-17084 Moderate 21249-17084 Low 21168-17084 Important 20115-17086 Important 19805-17086 Important 21154-17084 Moderate 21183-17086 Moderate 21184-17086 Moderate 21185-17086 Moderate 21059-17084 Moderate 21118-17086 Moderate 21108-17086 Moderate 20963-17084 Moderate 21110-17084 Moderate 21123-17084 Moderate 21192-17084 Moderate 21259-17084 Moderate 21266-17084 21370-17084 3.8 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 21264-17084 3.8 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 21168-17084 8.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 20115-17086 8.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 19805-17086 8.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21154-17084 7.0 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U 21183-17086 7.0 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U 21184-17086 7.0 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U 21185-17086 CBL-Mariner Releases 21264-17084 21168-17084 No Security Update 3.3.7-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21264-17084 21168-17084 CBL-Mariner Releases CBL-Mariner Releases 21185-17086 No Security Update 1.1.1k-40 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21185-17086 CBL-Mariner Releases 1.0 2026-04-09T01:02:09 <p>Information published.</p> 4.0 2026-04-15T01:44:18 <p>Information published.</p> 5.0 2026-04-22T14:38:05 <p>Information published.</p> 7.0 2026-04-29T14:47:59 <p>Information published.</p> 2.0 2026-04-11T01:04:19 <p>Information published.</p> 3.0 2026-04-14T14:46:16 <p>Information published.</p> 6.0 2026-04-23T14:40:21 <p>Information published.</p> 8.0 2026-04-30T01:49:59 <p>Information published.</p> 9.0 2026-05-31T01:04:27 <p>Information published.</p> Incorrect Failure Handling in RSA KEM RSASVE Encapsulation Mariner openssl Yes CVE-2026-31790 Improper Check for Unusual or Exceptional Conditions 21168-17084 21168-17084 Moderate 21168-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 21168-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 1.0 2026-04-09T01:02:14 <p>Information published.</p> 2.0 2026-04-10T14:39:43 <p>Information published.</p> NULL Pointer Dereference When Processing a Delta CRL Mariner openssl Yes CVE-2026-28388 NULL Pointer Dereference 21168-17084 21259-17084 21250-17084 21249-17084 21266-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21118-17086 21059-17084 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 21370-17084 21168-17084 21259-17084 21250-17084 21249-17084 21266-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21118-17086 21059-17084 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 21370-17084 Moderate 21168-17084 Moderate 21259-17084 Moderate 21250-17084 Moderate 21249-17084 Moderate 21266-17084 Moderate 20115-17086 Moderate 19805-17086 Important 21154-17084 Moderate 21183-17086 Moderate 21184-17086 Moderate 21185-17086 Moderate 21118-17086 Moderate 21059-17084 Moderate 21108-17086 Moderate 20963-17084 Moderate 21110-17084 Moderate 21123-17084 Moderate 21192-17084 21370-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21168-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 20115-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 19805-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21154-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21183-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21184-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21185-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21108-17086 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases CBL-Mariner Releases 21185-17086 No Security Update 1.1.1k-40 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21185-17086 CBL-Mariner Releases 1.0 2026-04-09T01:02:20 <p>Information published.</p> 2.0 2026-04-10T14:39:50 <p>Information published.</p> 5.0 2026-04-15T01:44:38 <p>Information published.</p> 7.0 2026-04-29T14:48:58 <p>Information published.</p> 3.0 2026-04-11T01:04:53 <p>Information published.</p> 4.0 2026-04-14T14:45:17 <p>Information published.</p> 6.0 2026-04-23T14:39:32 <p>Information published.</p> 8.0 2026-04-30T01:50:39 <p>Information published.</p> 9.0 2026-05-31T01:04:12 <p>Information published.</p> ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load Mariner GitHub_M Yes CVE-2026-34446 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20972-17084 21103-17086 20972-17084 21103-17086 Moderate 20972-17084 Moderate 21103-17086 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 20972-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 21103-17086 CBL-Mariner Releases 20972-17084 No Security Update 2.2.2-14 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20972-17084 CBL-Mariner Releases 1.0 2026-04-09T01:02:48 <p>Information published.</p> 2.0 2026-04-17T14:37:57 <p>Information published.</p> apparmor: fix: limit the number of levels of policy namespaces Mariner Linux Yes CVE-2026-23405 21173-17084 21093-17086 21173-17084 21093-17086 Moderate 21173-17084 Moderate 21093-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21173-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:21 <p>Information published.</p> 3.0 2026-04-27T14:42:00 <p>Information published.</p> 2.0 2026-04-26T01:03:11 <p>Information published.</p> Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver Mariner EEF Yes CVE-2026-28810 Generation of Predictable Numbers or Identifiers 21145-17086 21093-17086 21094-17084 21145-17086 21093-17086 21094-17084 Moderate 21145-17086 Moderate 21093-17086 Moderate 21094-17084 2.0 2026-05-07T01:10:02 <p>Information published.</p> 1.0 2026-04-11T01:01:30 <p>Information published.</p> OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) Mariner GitHub_M Yes CVE-2026-29181 Allocation of Resources Without Limits or Throttling 21269-17084 21276-17084 21278-17084 21258-17084 21177-17084 20986-17084 20988-17084 20989-17084 21180-17084 20991-17084 21181-17086 21182-17084 20997-17084 21007-17084 21127-17084 21246-17084 21315-17084 21269-17084 21276-17084 21278-17084 21258-17084 21177-17084 20986-17084 20988-17084 20989-17084 21180-17084 20991-17084 21181-17086 21182-17084 20997-17084 21007-17084 21127-17084 21246-17084 21315-17084 Moderate 21269-17084 Moderate 21276-17084 Moderate 21278-17084 Moderate 21258-17084 Moderate 21177-17084 Moderate 20986-17084 Moderate 20988-17084 Moderate 20989-17084 Moderate 21180-17084 Moderate 20991-17084 Moderate 21181-17086 Moderate 21182-17084 Moderate 20997-17084 Moderate 21007-17084 Moderate 21127-17084 Moderate 21246-17084 Moderate 21315-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21269-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21276-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21278-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21258-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21177-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20986-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20988-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20989-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21180-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20991-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21181-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21182-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20997-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21007-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21127-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21246-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21315-17084 CBL-Mariner Releases 21177-17084 No Security Update 1.3.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21177-17084 CBL-Mariner Releases CBL-Mariner Releases 21182-17084 No Security Update 3.5.30-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21182-17084 CBL-Mariner Releases CBL-Mariner Releases 21315-17084 No Security Update 2.22.0-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21315-17084 CBL-Mariner Releases 2.0 2026-04-29T01:10:54 <p>Information published.</p> 6.0 2026-05-12T01:40:38 <p>Information published.</p> 7.0 2026-05-15T01:38:59 <p>Information published.</p> 1.0 2026-04-11T01:03:43 <p>Information published.</p> 3.0 2026-04-29T14:51:28 <p>Information published.</p> 4.0 2026-05-06T14:43:32 <p>Information published.</p> 5.0 2026-05-09T14:37:55 <p>Information published.</p> 8.0 2026-05-30T14:39:51 <p>Information published.</p> Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile Mariner Go Yes CVE-2026-27144 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Important 20519-17086 Important 20387-17086 Important 21113-17084 Important 21116-17084 Important 21117-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Important 21203-17084 Important 21206-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 20519-17086 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 20387-17086 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21113-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21116-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21117-17086 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21203-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21206-17084 3.0 2026-04-15T01:47:59 <p>Information published.</p> 1.0 2026-04-11T01:08:48 <p>Information published.</p> 2.0 2026-04-14T14:47:27 <p>Information published.</p> TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix Mariner Go Yes CVE-2026-32282 21203-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21206-17084 21203-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21206-17084 Moderate 21203-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Critical 19712-17086 Critical 19693-17084 Critical 19668-17086 Critical 21021-17084 Moderate 21206-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21203-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 20519-17086 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 20387-17086 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21113-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21116-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21117-17086 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21206-17084 1.0 2026-04-11T01:09:15 <p>Information published.</p> 2.0 2026-04-14T14:46:24 <p>Information published.</p> 3.0 2026-04-15T01:48:20 <p>Information published.</p> Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 Mariner Go Yes CVE-2026-33810 21113-17084 21116-17084 21113-17084 21116-17084 Moderate 21113-17084 Moderate 21116-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 21113-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 21116-17084 CBL-Mariner Releases 21113-17084 No Security Update 1.25.9-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21113-17084 CBL-Mariner Releases CBL-Mariner Releases 21116-17084 No Security Update 1.26.2-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21116-17084 CBL-Mariner Releases 1.0 2026-04-11T01:10:17 <p>Information published.</p> 2.0 2026-04-14T14:47:37 <p>Information published.</p> Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() Mariner redhat Yes CVE-2026-4878 Time-of-check Time-of-use (TOCTOU) Race Condition 21190-17086 21191-17084 21214-17084 21190-17086 21191-17084 21214-17084 Moderate 21190-17086 Moderate 21191-17084 Moderate 21214-17084 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21190-17086 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21191-17084 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21214-17084 CBL-Mariner Releases 21190-17086 No Security Update 2.60-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21190-17086 CBL-Mariner Releases CBL-Mariner Releases 21191-17084 21214-17084 No Security Update 2.69-14 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21191-17084 21214-17084 CBL-Mariner Releases 1.0 2026-04-11T01:10:27 <p>Information published.</p> 2.0 2026-04-13T14:40:25 <p>Information published.</p> 3.0 2026-04-14T14:47:44 <p>Information published.</p> Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment Mariner GitHub_M Yes CVE-2026-35206 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20941-17086 20941-17086 Moderate 20941-17086 CBL-Mariner Releases 20941-17086 No Security Update 3.14.2-11 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20941-17086 CBL-Mariner Releases 1.0 2026-04-12T01:01:40 <p>Information published.</p> 2.0 2026-04-13T14:40:33 <p>Information published.</p> 3.0 2026-04-30T01:53:12 <p>Information published.</p> LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure Mariner GitHub_M Yes CVE-2026-34757 Use After Free 19626-17084 19668-17086 16848-17084 21021-17084 21104-17084 21105-17086 20813-17086 18434-17086 19626-17084 19668-17086 16848-17084 21021-17084 21104-17084 21105-17086 20813-17086 18434-17086 Moderate 19626-17084 Moderate 19668-17086 Moderate 16848-17084 Moderate 21021-17084 Moderate 21104-17084 Moderate 21105-17086 Moderate 20813-17086 Moderate 18434-17086 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 19626-17084 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 19668-17086 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 16848-17084 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 21021-17084 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 21104-17084 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 21105-17086 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 20813-17086 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 18434-17086 CBL-Mariner Releases 21104-17084 No Security Update 1.6.57-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21104-17084 CBL-Mariner Releases 4.0 2026-05-03T01:03:24 <p>Information published.</p> 5.0 2026-05-04T14:42:52 <p>Information published.</p> 6.0 2026-05-19T01:43:29 <p>Information published.</p> 1.0 2026-04-12T01:01:49 <p>Information published.</p> 2.0 2026-04-13T14:40:40 <p>Information published.</p> 3.0 2026-04-15T01:49:16 <p>Information published.</p> In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. Mariner mitre Yes CVE-2026-40226 Use of Less Trusted Source 21060-17084 21125-17086 21282-17084 21060-17084 21125-17086 21282-17084 Moderate 21060-17084 Moderate 21125-17086 Moderate 21282-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21060-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21125-17086 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21282-17084 CBL-Mariner Releases 21282-17084 No Security Update 255-28 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21282-17084 CBL-Mariner Releases 4.0 2026-05-27T01:40:43 <p>Information published.</p> 1.0 2026-04-12T01:01:57 <p>Information published.</p> 2.0 2026-04-13T14:40:48 <p>Information published.</p> 3.0 2026-04-29T14:53:47 <p>Information published.</p> osslsigncode has a Stack Buffer Overflow via Unbounded Digest Copy During Signature Verification Mariner GitHub_M Yes CVE-2026-39853 Stack-based Buffer Overflow 21087-17086 21087-17086 Important 21087-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 21087-17086 1.0 2026-04-12T01:02:14 <p>Information published.</p> 2.0 2026-04-13T14:40:53 <p>Information published.</p> osslsigncode has an Integer Underflow in PE Page Hash Calculation Can Cause Out-of-Bounds Read Mariner GitHub_M Yes CVE-2026-39855 Out-of-bounds Read 21087-17086 21087-17086 Moderate 21087-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21087-17086 1.0 2026-04-12T01:02:19 <p>Information published.</p> 2.0 2026-04-13T14:40:58 <p>Information published.</p> osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation Mariner GitHub_M Yes CVE-2026-39856 Out-of-bounds Read 21087-17086 21087-17086 Moderate 21087-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21087-17086 1.0 2026-04-12T01:02:25 <p>Information published.</p> 2.0 2026-04-13T14:41:03 <p>Information published.</p> In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems. Mariner mitre Yes CVE-2026-40385 Integer Overflow or Wraparound 21198-17084 21131-17086 21283-17084 21198-17084 21131-17086 21283-17084 Moderate 21198-17084 Moderate 21131-17086 Moderate 21283-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21198-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21131-17086 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21283-17084 CBL-Mariner Releases 21198-17084 21131-17086 21283-17084 No Security Update 0.6.24-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21198-17084 21131-17086 21283-17084 CBL-Mariner Releases 1.0 2026-04-14T01:01:26 <p>Information published.</p> 2.0 2026-04-14T14:48:07 <p>Information published.</p> 3.0 2026-04-15T01:01:42 <p>Information published.</p> 5.0 2026-04-29T14:54:30 <p>Information published.</p> 4.0 2026-04-15T14:45:30 <p>Information published.</p> In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca. Mariner mitre Yes CVE-2026-40393 Out-of-bounds Write 21199-17084 21221-17086 21199-17084 21221-17086 Important 21199-17084 Important 21221-17086 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21199-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21221-17086 CBL-Mariner Releases 21199-17084 No Security Update 24.0.1-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21199-17084 CBL-Mariner Releases 3.0 2026-04-18T01:01:43 <p>Information published.</p> 1.0 2026-04-14T01:01:32 <p>Information published.</p> 2.0 2026-04-17T14:39:29 <p>Information published.</p> netfilter: nfnetlink_log: account for netlink header size Mariner Linux Yes CVE-2026-31416 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:01:38 <p>Information published.</p> 2.0 2026-04-18T14:39:31 <p>Information published.</p> 3.0 2026-04-29T14:54:44 <p>Information published.</p> net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() Mariner Linux Yes CVE-2026-31423 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:01:43 <p>Information published.</p> 3.0 2026-04-29T14:54:57 <p>Information published.</p> 2.0 2026-04-18T14:39:38 <p>Information published.</p> netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Mariner Linux Yes CVE-2026-31424 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-18T14:39:44 <p>Information published.</p> 3.0 2026-04-29T14:55:12 <p>Information published.</p> 1.0 2026-04-14T01:01:49 <p>Information published.</p> netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp Mariner Linux Yes CVE-2026-31427 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:02:11 <p>Information published.</p> 3.0 2026-04-29T14:56:09 <p>Information published.</p> 2.0 2026-04-18T14:40:11 <p>Information published.</p> net: bonding: fix use-after-free in bond_xmit_broadcast() Mariner Linux Yes CVE-2026-31419 21248-17084 21094-17084 21308-17084 21332-17084 21344-17084 21248-17084 21094-17084 21308-17084 21332-17084 21344-17084 Important 21248-17084 Important 21094-17084 Important 21308-17084 Important 21332-17084 Moderate 21344-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21248-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21308-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21332-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21344-17084 1.0 2026-04-14T01:02:22 <p>Information published.</p> 2.0 2026-04-29T14:56:36 <p>Information published.</p> 4.0 2026-05-11T01:49:00 <p>Information published.</p> 5.1 2026-05-22T01:38:44 <p>Information published.</p> 3.0 2026-05-06T14:52:08 <p>Information published.</p> 5.0 2026-05-17T14:50:06 <p>Information published.</p> net/sched: cls_fw: fix NULL pointer dereference on shared blocks Mariner Linux Yes CVE-2026-31421 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:02:33 <p>Information published.</p> 3.0 2026-04-29T14:57:03 <p>Information published.</p> 2.0 2026-04-18T14:40:24 <p>Information published.</p> netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD Mariner Linux Yes CVE-2026-31428 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:02:38 <p>Information published.</p> 3.0 2026-04-29T14:57:19 <p>Information published.</p> 2.0 2026-04-18T14:40:31 <p>Information published.</p> netfilter: ipset: drop logically empty buckets in mtype_del Mariner Linux Yes CVE-2026-31418 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:02:44 <p>Information published.</p> 2.0 2026-04-14T01:44:36 <p>Information published.</p> 4.0 2026-04-29T14:57:33 <p>Information published.</p> 3.0 2026-04-18T14:40:37 <p>Information published.</p> An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. The earliest affected version is 2.6. Mariner mitre Yes CVE-2026-33555 Improper Handling of Length Parameter Inconsistency 20734-17084 21285-17084 20734-17084 21285-17084 Moderate 20734-17084 Moderate 21285-17084 4.0 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N 20734-17084 4.0 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N 21285-17084 CBL-Mariner Releases 20734-17084 21285-17084 No Security Update 2.9.11-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20734-17084 21285-17084 CBL-Mariner Releases 2.0 2026-04-22T14:38:57 <p>Information published.</p> 3.0 2026-04-29T14:57:49 <p>Information published.</p> 1.0 2026-04-15T01:01:51 <p>Information published.</p> wc_VerifyEccsiHash missing sanity check Mariner wolfSSL Yes CVE-2026-5466 Improper Verification of Cryptographic Signature 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:01:59 <p>Information published.</p> wolfSSL ECDSA Certificate Verification Mariner wolfSSL Yes CVE-2026-5194 Improper Certificate Validation 21143-17086 21054-17084 21143-17086 21054-17084 Critical 21143-17086 Critical 21054-17084 1.0 2026-04-15T01:02:34 <p>Information published.</p> 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore Mariner wolfSSL Yes CVE-2026-5448 Heap-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Low 21143-17086 Low 21054-17084 1.0 2026-04-15T01:02:59 <p>Information published.</p> 2.0 2026-04-30T01:41:04 <p>Information published.</p> 3.0 2026-04-30T14:38:05 <p>Information published.</p> DTLS 1.3 ACK heap buffer overflow Mariner wolfSSL Yes CVE-2026-5264 Heap-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:03:33 <p>Information published.</p> Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path. Mariner wolfSSL Yes CVE-2026-5778 Integer Underflow (Wrap or Wraparound) 21054-17084 21143-17086 21054-17084 21143-17086 Low 21054-17084 Low 21143-17086 1.0 2026-04-15T01:03:58 <p>Information published.</p> 2.0 2026-04-30T01:54:33 <p>Information published.</p> Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3 Mariner wolfSSL Yes CVE-2026-5460 Use After Free 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:04:23 <p>Information published.</p> 2.0 2026-04-30T01:39:29 <p>Information published.</p> wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse Mariner wolfSSL Yes CVE-2026-5446 Reusing a Nonce, Key Pair in Encryption 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:04:48 <p>Information published.</p> 2.0 2026-04-30T01:39:49 <p>Information published.</p> jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input Mariner GitHub_M Yes CVE-2026-33948 Improper Null Termination 20607-17086 19612-17084 20607-17086 19612-17084 Low 20607-17086 Low 19612-17084 CBL-Mariner Releases 20607-17086 No Security Update 1.6-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20607-17086 CBL-Mariner Releases CBL-Mariner Releases 19612-17084 No Security Update 1.7.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19612-17084 CBL-Mariner Releases 1.0 2026-04-17T01:01:34 <p>Information published.</p> 2.0 2026-04-18T14:41:00 <p>Information published.</p> 3.0 2026-04-24T14:40:05 <p>Information published.</p> jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed Mariner GitHub_M Yes CVE-2026-40164 Use of Weak Hash 19612-17084 20607-17086 19612-17084 20607-17086 Important 19612-17084 Important 20607-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19612-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20607-17086 CBL-Mariner Releases 19612-17084 No Security Update 1.7.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19612-17084 CBL-Mariner Releases CBL-Mariner Releases 20607-17086 No Security Update 1.6-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20607-17086 CBL-Mariner Releases 1.0 2026-04-17T01:01:51 <p>Information published.</p> 2.0 2026-04-18T14:41:13 <p>Information published.</p> 3.0 2026-04-24T14:40:19 <p>Information published.</p> SpdyStream: DOS on CRI Mariner GitHub_M Yes CVE-2026-35469 Allocation of Resources Without Limits or Throttling 21215-17084 20949-17086 21186-17086 21187-17086 20983-17086 20984-17084 21276-17084 20941-17086 20991-17084 21271-17084 21272-17084 20934-17086 20947-17086 20998-17086 21178-17086 21000-17086 21001-17086 21002-17086 21007-17084 21256-17084 21299-17084 21011-17084 21273-17084 21215-17084 20949-17086 21186-17086 21187-17086 20983-17086 20984-17084 21276-17084 20941-17086 20991-17084 21271-17084 21272-17084 20934-17086 20947-17086 20998-17086 21178-17086 21000-17086 21001-17086 21002-17086 21007-17084 21256-17084 21299-17084 21011-17084 21273-17084 Important 21215-17084 Important 20949-17086 Important 21186-17086 Important 21187-17086 Important 20983-17086 Important 20984-17084 Important 21276-17084 Important 20941-17086 Important 20991-17084 Important 21271-17084 Important 21272-17084 Important 20934-17086 Important 20947-17086 Important 20998-17086 Important 21178-17086 Important 21000-17086 Important 21001-17086 Important 21002-17086 Important 21007-17084 Important 21256-17084 Important 21299-17084 Important 21011-17084 Important 21273-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21215-17084 CBL-Mariner Releases 21215-17084 No Security Update 2.0.0-19 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21215-17084 CBL-Mariner Releases CBL-Mariner Releases 20984-17084 No Security Update 1.12.15-7 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20984-17084 CBL-Mariner Releases CBL-Mariner Releases 21276-17084 No Security Update 1.62.0-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21276-17084 CBL-Mariner Releases CBL-Mariner Releases 20991-17084 No Security Update 1.32.0-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20991-17084 CBL-Mariner Releases CBL-Mariner Releases 21271-17084 No Security Update 0.14.0-12 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21271-17084 CBL-Mariner Releases CBL-Mariner Releases 21272-17084 No Security Update 2.27.0-10 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21272-17084 CBL-Mariner Releases CBL-Mariner Releases 21007-17084 No Security Update 2.14.1-12 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21007-17084 CBL-Mariner Releases CBL-Mariner Releases 21256-17084 No Security Update 1.30.10-23 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21256-17084 CBL-Mariner Releases CBL-Mariner Releases 21299-17084 No Security Update 1.7.1-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21299-17084 CBL-Mariner Releases CBL-Mariner Releases 21011-17084 No Security Update 1.15.0-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21011-17084 CBL-Mariner Releases CBL-Mariner Releases 21273-17084 No Security Update 1.7.7-12 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21273-17084 CBL-Mariner Releases 1.0 2026-04-17T01:01:59 <p>Information published.</p> 2.0 2026-05-05T01:02:50 <p>Information published.</p> 4.0 2026-05-15T14:39:45 <p>Information published.</p> 3.0 2026-05-13T01:40:49 <p>Information published.</p> jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure Mariner GitHub_M Yes CVE-2026-39956 Out-of-bounds Read 20607-17086 19612-17084 20607-17086 19612-17084 Moderate 20607-17086 Moderate 19612-17084 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H 20607-17086 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H 19612-17084 CBL-Mariner Releases 20607-17086 No Security Update 1.6-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20607-17086 CBL-Mariner Releases CBL-Mariner Releases 19612-17084 No Security Update 1.7.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19612-17084 CBL-Mariner Releases 1.0 2026-04-17T01:02:19 <p>Information published.</p> 2.0 2026-04-18T14:41:22 <p>Information published.</p> 3.0 2026-04-24T14:40:26 <p>Information published.</p> libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. Mariner mitre Yes CVE-2026-41080 Insufficient Entropy 20943-17086 21119-17084 21100-17084 21204-17084 21279-17084 21120-17086 20937-17086 20943-17086 21119-17084 21100-17084 21204-17084 21279-17084 21120-17086 20937-17086 Low 20943-17086 Low 21119-17084 Low 21100-17084 Low 21204-17084 Low 21279-17084 Low 21120-17086 Low 20937-17086 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 20943-17086 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 21119-17084 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 21100-17084 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 21204-17084 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 21279-17084 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 21120-17086 2.9 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L 20937-17086 3.0 2026-04-29T14:58:24 <p>Information published.</p> 5.0 2026-05-02T01:38:30 <p>Information published.</p> 6.0 2026-05-19T01:39:01 <p>Information published.</p> 1.0 2026-04-18T01:01:25 <p>Information published.</p> 2.0 2026-04-25T01:01:57 <p>Information published.</p> 4.0 2026-05-01T01:03:04 <p>Information published.</p> zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption Mariner GitHub_M Yes CVE-2026-27820 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 21312-17084 21222-17084 20884-17084 21312-17084 21222-17084 20884-17084 Low 21312-17084 Low 21222-17084 Low 20884-17084 CBL-Mariner Releases 21312-17084 20884-17084 No Security Update 3.3.5-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21312-17084 20884-17084 CBL-Mariner Releases 2.0 2026-04-23T01:11:19 <p>Information published.</p> 1.0 2026-04-18T01:01:50 <p>Information published.</p> 3.0 2026-04-23T14:40:58 <p>Information published.</p> 4.0 2026-04-29T14:50:27 <p>Information published.</p> 5.0 2026-05-06T14:52:20 <p>Information published.</p> Static buffer overflow in deprecated nis_local_principal Mariner glibc Yes CVE-2026-5928 Buffer Under-read 20935-17086 21140-17084 20935-17086 21140-17084 Important 20935-17086 Important 21140-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20935-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21140-17084 1.0 2026-04-22T01:01:18 <p>Information published.</p> 1.1 2026-04-22T14:39:18 <p>Information published.</p> 2.0 2026-04-23T01:01:28 <p>Information published.</p> Race Condition in GNU Sed Mariner CERT-PL Yes CVE-2026-5958 Time-of-check Time-of-use (TOCTOU) Race Condition 21229-17086 21288-17084 21228-17084 21229-17086 21288-17084 21228-17084 Low 21229-17086 Low 21288-17084 Low 21228-17084 CBL-Mariner Releases 21288-17084 21228-17084 No Security Update 4.9-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21288-17084 21228-17084 CBL-Mariner Releases 3.0 2026-04-29T14:59:34 <p>Information published.</p> 1.0 2026-04-22T01:01:51 <p>Information published.</p> 2.0 2026-04-24T01:41:30 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-35239 Improper Access Control 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:01:40 <p>Information published.</p> 2.0 2026-04-24T01:04:43 <p>Information published.</p> 3.0 2026-04-24T14:40:58 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34271 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:02:13 <p>Information published.</p> 2.0 2026-04-24T01:03:52 <p>Information published.</p> 3.0 2026-04-24T14:42:04 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-35238 Improper Access Control 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:02:29 <p>Information published.</p> 2.0 2026-04-24T01:04:38 <p>Information published.</p> 3.0 2026-04-24T14:42:37 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34267 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:02:35 <p>Information published.</p> 2.0 2026-04-24T01:03:42 <p>Information published.</p> 3.0 2026-04-24T14:42:48 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-22005 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 2.0 2026-04-24T01:03:21 <p>Information published.</p> 3.0 2026-04-24T14:44:09 <p>Information published.</p> 1.0 2026-04-23T01:03:14 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). Mariner oracle Yes CVE-2026-22015 Exposure of Sensitive Information to an Unauthorized Actor 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 21156-17084 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:03:30 <p>Information published.</p> 2.0 2026-04-24T01:03:31 <p>Information published.</p> 3.0 2026-04-24T14:44:41 <p>Information published.</p> ext4: convert inline data to extents when truncate exceeds inline size Mariner Linux Yes CVE-2026-31452 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:00:27 <p>Information published.</p> 1.0 2026-04-23T01:04:35 <p>Information published.</p> 2.0 2026-04-23T14:42:35 <p>Information published.</p> xfs: stop reclaim before pushing AIL during unmount Mariner Linux Yes CVE-2026-31455 21093-17086 21094-17084 21093-17086 21094-17084 Important 21093-17086 Moderate 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 4.0 2026-05-07T01:03:18 <p>Information published.</p> 1.0 2026-04-23T01:04:40 <p>Information published.</p> 2.0 2026-04-23T14:42:40 <p>Information published.</p> 3.0 2026-04-29T15:00:36 <p>Information published.</p> ksmbd: do not expire session on binding failure Mariner Linux Yes CVE-2026-31476 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Important 21093-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 8.2 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T01:01:47 <p>Information published.</p> 1.0 2026-04-23T01:04:46 <p>Information published.</p> 2.0 2026-04-23T14:42:45 <p>Information published.</p> 4.0 2026-04-29T15:00:45 <p>Information published.</p> 5.0 2026-04-30T01:53:14 <p>Information published.</p> can: isotp: fix tx.buf use-after-free in isotp_sendmsg() Mariner Linux Yes CVE-2026-31474 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:01:21 <p>Information published.</p> 1.0 2026-04-23T01:05:14 <p>Information published.</p> 2.0 2026-04-23T14:43:11 <p>Information published.</p> scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() Mariner Linux Yes CVE-2026-31464 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:06:03 <p>Information published.</p> 3.0 2026-04-29T15:02:23 <p>Information published.</p> 2.0 2026-04-23T14:37:04 <p>Information published.</p> 4.0 2026-04-30T01:44:02 <p>Information published.</p> drm/amd/display: Fix drm_edid leak in amdgpu_dm Mariner Linux Yes CVE-2026-31461 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-23T01:06:09 <p>Information published.</p> 2.0 2026-04-23T14:37:13 <p>Information published.</p> dmaengine: idxd: Fix memory leak when a wq is reset Mariner Linux Yes CVE-2026-31441 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-23T14:37:24 <p>Information published.</p> 3.0 2026-04-29T14:38:46 <p>Information published.</p> 1.0 2026-04-23T01:06:20 <p>Information published.</p> xfs: save ailp before dropping the AIL lock in push callbacks Mariner Linux Yes CVE-2026-31454 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-23T14:37:41 <p>Information published.</p> 3.0 2026-04-29T14:39:34 <p>Information published.</p> 1.0 2026-04-23T01:06:36 <p>Information published.</p> ksmbd: fix OOB write in QUERY_INFO for compound requests Mariner Linux Yes CVE-2026-31432 21094-17084 21248-17084 21094-17084 21248-17084 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 1.0 2026-04-23T01:07:15 <p>Information published.</p> 3.0 2026-04-29T14:41:12 <p>Information published.</p> 2.0 2026-04-23T14:38:21 <p>Information published.</p> 4.0 2026-04-30T01:45:19 <p>Information published.</p> team: fix header_ops type confusion with non-Ethernet ports Mariner Linux Yes CVE-2026-31502 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Important 21248-17084 Important 21094-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 1.0 2026-04-23T01:07:10 <p>Information published.</p> 3.0 2026-04-29T14:41:00 <p>Information published.</p> 2.0 2026-04-23T14:38:15 <p>Information published.</p> 4.0 2026-04-30T01:09:55 <p>Information published.</p> 5.0 2026-04-30T01:45:07 <p>Information published.</p> netfilter: ctnetlink: use netlink policy range checks Mariner Linux Yes CVE-2026-31495 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:42:15 <p>Information published.</p> 1.0 2026-04-23T01:07:37 <p>Information published.</p> 2.0 2026-04-23T14:38:43 <p>Information published.</p> 4.0 2026-04-30T01:10:44 <p>Information published.</p> ext4: avoid infinite loops caused by residual data Mariner Linux Yes CVE-2026-31448 21094-17084 21094-17084 Important 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-23T14:38:54 <p>Information published.</p> 1.0 2026-04-23T01:07:48 <p>Information published.</p> 2.0 2026-04-24T01:37:59 <p>Information published.</p> 3.0 2026-04-29T14:42:49 <p>Information published.</p> dmaengine: xilinx: xdma: Fix regmap init error handling Mariner Linux Yes CVE-2026-31439 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:43:26 <p>Information published.</p> 1.0 2026-04-23T01:07:59 <p>Information published.</p> 2.0 2026-04-23T14:39:06 <p>Information published.</p> ksmbd: fix memory leaks and NULL deref in smb2_lock() Mariner Linux Yes CVE-2026-31477 21093-17086 21094-17084 21093-17086 21094-17084 Important 21093-17086 Moderate 21094-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T01:01:53 <p>Information published.</p> 4.0 2026-04-29T14:45:00 <p>Information published.</p> 6.0 2026-04-30T14:38:48 <p>Information published.</p> 1.0 2026-04-23T01:08:32 <p>Information published.</p> 2.0 2026-04-23T14:39:41 <p>Information published.</p> 5.0 2026-04-30T01:46:51 <p>Information published.</p> cxl/port: Fix use after free of parent_port in cxl_detach_ep() Mariner Linux Yes CVE-2026-31530 21094-17084 21248-17084 21094-17084 21248-17084 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 2.0 2026-04-24T01:38:39 <p>Information published.</p> 1.0 2026-04-23T01:08:49 <p>Information published.</p> 1.1 2026-04-23T14:39:58 <p>Information published.</p> 3.0 2026-04-29T14:45:44 <p>Information published.</p> 4.0 2026-04-30T01:47:15 <p>Information published.</p> tracing: Fix potential deadlock in cpu hotplug with osnoise Mariner Linux Yes CVE-2026-31480 21093-17086 21094-17084 21093-17086 21094-17084 Moderate 21093-17086 Important 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:00 <p>Information published.</p> 2.0 2026-04-24T01:38:50 <p>Information published.</p> 3.0 2026-04-29T01:02:03 <p>Information published.</p> 4.0 2026-04-29T14:46:15 <p>Information published.</p> 1.1 2026-04-23T14:40:09 <p>Information published.</p> 5.0 2026-04-30T01:47:35 <p>Information published.</p> Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() Mariner Linux Yes CVE-2026-31512 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:48:18 <p>Information published.</p> 1.0 2026-04-23T01:09:38 <p>Information published.</p> 2.0 2026-04-23T14:40:48 <p>Information published.</p> 4.0 2026-04-30T01:13:14 <p>Information published.</p> 5.0 2026-04-30T01:48:21 <p>Information published.</p> ext4: publish jinode after initialization Mariner Linux Yes CVE-2026-31450 21094-17084 21094-17084 Important 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:49 <p>Information published.</p> 1.1 2026-04-23T14:40:59 <p>Information published.</p> 2.0 2026-04-24T01:39:25 <p>Information published.</p> 3.0 2026-04-29T14:48:51 <p>Information published.</p> RDMA/efa: Fix use of completion ctx after free Mariner Linux Yes CVE-2026-31493 21094-17084 21248-17084 21332-17084 21093-17086 21308-17084 21344-17084 21094-17084 21248-17084 21332-17084 21093-17086 21308-17084 21344-17084 Important 21094-17084 Important 21248-17084 Important 21332-17084 Important 21093-17086 Important 21308-17084 Moderate 21344-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21332-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21308-17084 5.3 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H 21344-17084 1.0 2026-04-23T01:10:00 <p>Information published.</p> 2.0 2026-04-24T01:39:36 <p>Information published.</p> 3.0 2026-04-29T14:49:19 <p>Information published.</p> 5.0 2026-05-06T14:38:27 <p>Information published.</p> 1.1 2026-04-23T14:41:10 <p>Information published.</p> 4.0 2026-04-30T01:13:35 <p>Information published.</p> 6.0 2026-05-11T01:50:33 <p>Information published.</p> 7.0 2026-05-17T14:51:37 <p>Information published.</p> 7.1 2026-05-22T01:40:10 <p>Information published.</p> module: Fix kernel panic when a symbol st_shndx is out of bounds Mariner Linux Yes CVE-2026-31521 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:49:35 <p>Information published.</p> 1.0 2026-04-23T01:10:06 <p>Information published.</p> 1.1 2026-04-23T14:41:16 <p>Information published.</p> 2.0 2026-04-24T01:39:42 <p>Information published.</p> 4.0 2026-04-30T01:13:42 <p>Information published.</p> KissFFT Integer Overflow Heap Buffer Overflow via kiss_fftndr_alloc() Mariner VulnCheck Yes CVE-2026-41445 Integer Overflow or Wraparound 19668-17086 21021-17084 19668-17086 21021-17084 Important 19668-17086 Important 21021-17084 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 19668-17086 8.8 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 21021-17084 1.0 2026-04-23T01:11:28 <p>Information published.</p> 2.0 2026-04-30T01:49:48 <p>Information published.</p> ipv4: nexthop: allocate skb dynamically in rtm_get_nexthop() Mariner Linux Yes CVE-2026-31531 21094-17084 21248-17084 21332-17084 21093-17086 21308-17084 21344-17084 21094-17084 21248-17084 21332-17084 21093-17086 21308-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21332-17084 Moderate 21093-17086 Moderate 21308-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-24T01:05:05 <p>Information published.</p> 2.0 2026-04-29T14:50:53 <p>Information published.</p> 4.0 2026-05-06T14:38:39 <p>Information published.</p> 3.0 2026-04-30T01:14:00 <p>Information published.</p> 5.0 2026-05-11T01:50:42 <p>Information published.</p> 6.0 2026-05-17T14:51:46 <p>Information published.</p> Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt. Mariner mitre Yes CVE-2026-41989 Out-of-bounds Write 21235-17084 21237-17086 21310-17084 21235-17084 21237-17086 21310-17084 Low 21235-17084 Moderate 21237-17086 Low 21310-17084 4.0 3.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:U 21235-17084 4.8 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L 21237-17086 4.0 3.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:U 21310-17084 CBL-Mariner Releases 21235-17084 21310-17084 No Security Update 1.10.3-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21235-17084 21310-17084 CBL-Mariner Releases 1.0 2026-04-24T01:05:11 <p>Information published.</p> 2.0 2026-04-25T01:05:46 <p>Information published.</p> 3.0 2026-04-29T14:51:09 <p>Information published.</p> 4.0 2026-05-06T14:38:50 <p>Information published.</p> uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue. Mariner mitre Yes CVE-2026-41988 Always-Incorrect Control Flow Implementation 21236-17084 21236-17084 Low 21236-17084 3.2 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N 21236-17084 1.0 2026-04-24T01:05:17 <p>Information published.</p> 2.0 2026-04-24T14:45:15 <p>Information published.</p> 3.0 2026-04-30T01:50:14 <p>Information published.</p> net: mvpp2: guard flow control update with global_tx_fc in buffer switching Mariner Linux Yes CVE-2026-23438 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-25T01:05:15 <p>Information published.</p> udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n Mariner Linux Yes CVE-2026-23439 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-25T01:05:20 <p>Information published.</p> net: usb: aqc111: Do not perform PM inside suspend callback Mariner Linux Yes CVE-2026-23446 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-25T01:05:35 <p>Information published.</p> net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check Mariner Linux Yes CVE-2026-23447 21093-17086 21093-17086 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 1.0 2026-04-25T01:05:41 <p>Information published.</p> ALSA: fireworks: bound device-supplied status before string array lookup Mariner Linux Yes CVE-2026-31619 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 Moderate 21248-17084 Moderate 21093-17086 Moderate 21094-17084 7.3 6.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H/E:U 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 7.3 6.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:40:28 <p>Information published.</p> 3.0 2026-04-29T14:46:07 <p>Information published.</p> 5.0 2026-05-01T14:45:03 <p>Information published.</p> 1.0 2026-04-26T01:01:24 <p>Information published.</p> 2.0 2026-04-29T01:47:36 <p>Information published.</p> 4.0 2026-04-30T01:11:00 <p>Information published.</p> OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users Mariner GitHub_M Yes CVE-2026-41079 Out-of-bounds Read 20768-17086 20737-17084 20768-17086 20737-17084 Moderate 20768-17086 Moderate 20737-17084 4.3 4.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U 20768-17086 4.3 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 20737-17084 CBL-Mariner Releases 20737-17084 No Security Update 2.4.18-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 2.0 2026-04-27T14:39:59 <p>Information published.</p> 3.0 2026-04-29T01:01:20 <p>Information published.</p> 4.0 2026-04-29T14:51:25 <p>Information published.</p> 1.0 2026-04-26T01:01:24 <p>Information published.</p> nvmet: move async event work off nvmet-wq Mariner Linux Yes CVE-2026-31557 21094-17084 21093-17086 21248-17084 21332-17084 21308-17084 21344-17084 21094-17084 21093-17086 21248-17084 21332-17084 21308-17084 21344-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21332-17084 Moderate 21308-17084 Moderate 21344-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 6.5 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21332-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-26T01:01:31 <p>Information published.</p> 1.1 2026-04-27T14:40:05 <p>Information published.</p> 2.0 2026-04-29T01:02:42 <p>Information published.</p> 6.0 2026-05-11T01:50:50 <p>Information published.</p> 7.1 2026-05-22T01:40:23 <p>Information published.</p> 3.0 2026-04-29T01:39:58 <p>Information published.</p> 4.0 2026-04-29T14:51:36 <p>Information published.</p> 5.0 2026-05-06T14:39:09 <p>Information published.</p> 7.0 2026-05-17T14:51:54 <p>Information published.</p> usb: gadget: f_hid: don't call cdev_init while cdev in use Mariner Linux Yes CVE-2026-31606 21248-17084 21093-17086 21094-17084 21308-17084 21332-17084 21344-17084 21248-17084 21093-17086 21094-17084 21308-17084 21332-17084 21344-17084 Moderate 21248-17084 Moderate 21093-17086 Moderate 21094-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 21344-17084 1.0 2026-04-26T01:01:42 <p>Information published.</p> 2.0 2026-04-27T14:40:16 <p>Information published.</p> 3.0 2026-04-29T14:52:06 <p>Information published.</p> 8.0 2026-05-22T01:40:32 <p>Information published.</p> 4.0 2026-05-01T01:02:19 <p>Information published.</p> 5.0 2026-05-06T14:39:17 <p>Information published.</p> 6.0 2026-05-11T01:50:58 <p>Information published.</p> 7.0 2026-05-17T14:52:03 <p>Information published.</p> net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool() Mariner Linux Yes CVE-2026-31646 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:40:22 <p>Information published.</p> 3.0 2026-04-29T14:52:20 <p>Information published.</p> 1.0 2026-04-26T01:01:48 <p>Information published.</p> 4.0 2026-05-01T14:39:06 <p>Information published.</p> ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 Mariner Linux Yes CVE-2026-31620 21094-17084 21094-17084 Moderate 21094-17084 4.3 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:52:49 <p>Information published.</p> 1.0 2026-04-26T01:02:00 <p>Information published.</p> 2.0 2026-04-27T14:40:33 <p>Information published.</p> KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Mariner Linux Yes CVE-2026-31593 21094-17084 21094-17084 Important 21094-17084 8.8 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-27T14:40:40 <p>Information published.</p> 2.0 2026-04-29T14:53:05 <p>Information published.</p> 1.0 2026-04-26T01:02:06 <p>Information published.</p> Input: uinput - fix circular locking dependency with ff-core Mariner Linux Yes CVE-2026-31667 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Important 21093-17086 Moderate 21248-17084 Moderate 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:40:46 <p>Information published.</p> 3.0 2026-04-29T01:40:29 <p>Information published.</p> 1.0 2026-04-26T01:02:13 <p>Information published.</p> 2.0 2026-04-29T01:06:01 <p>Information published.</p> 4.0 2026-04-29T14:53:18 <p>Information published.</p> 5.0 2026-05-01T14:39:19 <p>Information published.</p> KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION Mariner Linux Yes CVE-2026-31590 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:02:19 <p>Information published.</p> 2.0 2026-04-27T14:40:51 <p>Information published.</p> 3.0 2026-04-29T14:53:30 <p>Information published.</p> 5.0 2026-05-01T14:39:26 <p>Information published.</p> 4.0 2026-04-30T01:02:21 <p>Information published.</p> fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Mariner Linux Yes CVE-2026-31618 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:40:57 <p>Information published.</p> 3.0 2026-04-29T14:53:42 <p>Information published.</p> 1.0 2026-04-26T01:02:25 <p>Information published.</p> 4.0 2026-04-30T01:02:36 <p>Information published.</p> 5.0 2026-05-01T14:39:32 <p>Information published.</p> usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() Mariner Linux Yes CVE-2026-31617 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Important 21094-17084 Important 21248-17084 Moderate 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.1 2026-04-27T14:41:15 <p>Information published.</p> 2.0 2026-04-29T01:41:05 <p>Information published.</p> 3.0 2026-04-29T14:54:19 <p>Information published.</p> 1.0 2026-04-26T01:02:43 <p>Information published.</p> 4.0 2026-04-30T01:03:11 <p>Information published.</p> 5.0 2026-04-30T01:51:31 <p>Information published.</p> mm: call ->free_folio() directly in folio_unmap_invalidate() Mariner Linux Yes CVE-2026-31589 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-26T01:02:55 <p>Information published.</p> 1.1 2026-04-27T14:41:26 <p>Information published.</p> 2.0 2026-04-29T14:54:48 <p>Information published.</p> nfc: pn533: allocate rx skb before consuming bytes Mariner Linux Yes CVE-2026-31660 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:07 <p>Information published.</p> 2.0 2026-04-27T14:41:38 <p>Information published.</p> 4.0 2026-04-29T14:55:14 <p>Information published.</p> 3.0 2026-04-29T01:05:26 <p>Information published.</p> 5.0 2026-05-01T14:39:53 <p>Information published.</p> fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Mariner Linux Yes CVE-2026-31605 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 Moderate 21248-17084 Moderate 21093-17086 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:19 <p>Information published.</p> 2.0 2026-04-27T14:41:48 <p>Information published.</p> 3.0 2026-04-29T14:55:40 <p>Information published.</p> 4.0 2026-05-01T01:02:14 <p>Information published.</p> 5.0 2026-05-01T14:40:07 <p>Information published.</p> drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib Mariner Linux Yes CVE-2026-31566 21094-17084 21094-17084 Moderate 21094-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:55:58 <p>Information published.</p> 1.0 2026-04-26T01:03:25 <p>Information published.</p> 1.1 2026-04-27T14:41:54 <p>Information published.</p> 2.0 2026-04-29T01:41:43 <p>Information published.</p> media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections Mariner Linux Yes CVE-2026-31599 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:29 <p>Information published.</p> 2.0 2026-04-27T14:42:12 <p>Information published.</p> 3.0 2026-04-29T14:46:19 <p>Information published.</p> 4.0 2026-05-01T01:01:58 <p>Information published.</p> 5.0 2026-05-01T14:45:10 <p>Information published.</p> ALSA: ctxfi: Limit PTP to a single page Mariner Linux Yes CVE-2026-31602 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 Important 21093-17086 Moderate 21094-17084 Moderate 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:30 <p>Information published.</p> 2.0 2026-04-27T14:42:00 <p>Information published.</p> 5.0 2026-05-01T14:40:14 <p>Information published.</p> 3.0 2026-04-29T14:56:10 <p>Information published.</p> 4.0 2026-05-01T01:02:03 <p>Information published.</p> 6.0 2026-05-02T01:41:29 <p>Information published.</p> rxrpc: reject undecryptable rxkad response tickets Mariner Linux Yes CVE-2026-31637 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21094-17084 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:42:06 <p>Information published.</p> 2.0 2026-04-29T01:04:45 <p>Information published.</p> 4.0 2026-04-29T14:56:22 <p>Information published.</p> 5.0 2026-05-01T14:40:22 <p>Information published.</p> 1.0 2026-04-26T01:03:37 <p>Information published.</p> 3.0 2026-04-29T01:41:56 <p>Information published.</p> can: gw: fix OOB heap access in cgw_csum_crc8_rel() Mariner Linux Yes CVE-2026-31570 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Important 21093-17086 5.6 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 8.8 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:43 <p>Information published.</p> 1.1 2026-04-27T14:42:12 <p>Information published.</p> 2.0 2026-04-29T01:03:02 <p>Information published.</p> 3.0 2026-04-29T01:42:06 <p>Information published.</p> 4.0 2026-04-29T14:56:43 <p>Information published.</p> HID: core: clamp report_size in s32ton() to avoid undefined shift Mariner Linux Yes CVE-2026-31624 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:49 <p>Information published.</p> 1.1 2026-04-27T14:42:18 <p>Information published.</p> 2.0 2026-04-29T01:42:15 <p>Information published.</p> 3.0 2026-04-29T14:56:56 <p>Information published.</p> 5.0 2026-05-01T14:40:29 <p>Information published.</p> 4.0 2026-04-30T01:04:22 <p>Information published.</p> mmc: vub300: fix NULL-deref on disconnect Mariner Linux Yes CVE-2026-31651 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:03:54 <p>Information published.</p> 2.0 2026-04-27T14:42:24 <p>Information published.</p> 3.0 2026-04-29T01:05:01 <p>Information published.</p> 4.0 2026-04-29T14:57:11 <p>Information published.</p> 5.0 2026-05-01T14:40:35 <p>Information published.</p> wifi: wlcore: Fix a locking bug Mariner Linux Yes CVE-2026-23420 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 2.0 2026-04-27T14:42:41 <p>Information published.</p> 1.0 2026-04-26T01:03:57 <p>Information published.</p> wifi: rt2x00usb: fix devres lifetime Mariner Linux Yes CVE-2026-31672 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:42:29 <p>Information published.</p> 4.0 2026-04-29T14:57:24 <p>Information published.</p> 5.0 2026-05-01T14:40:42 <p>Information published.</p> 1.0 2026-04-26T01:04:00 <p>Information published.</p> 3.0 2026-04-29T01:06:26 <p>Information published.</p> dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Mariner Linux Yes CVE-2026-23422 21093-17086 21093-17086 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 1.0 2026-04-26T01:04:04 <p>Information published.</p> 2.0 2026-04-27T14:42:47 <p>Information published.</p> 3.0 2026-04-30T01:45:46 <p>Information published.</p> RDMA/irdma: Fix deadlock during netdev reset with active connections Mariner Linux Yes CVE-2026-31565 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-26T01:04:07 <p>Information published.</p> 2.0 2026-04-27T14:42:35 <p>Information published.</p> 4.0 2026-04-29T14:57:41 <p>Information published.</p> 3.0 2026-04-29T01:02:52 <p>Information published.</p> bnge: return after auxiliary_device_uninit() in error path Mariner Linux Yes CVE-2026-31621 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-26T01:04:10 <p>Information published.</p> 2.0 2026-04-27T14:42:53 <p>Information published.</p> 3.0 2026-04-29T14:46:38 <p>Information published.</p> staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() Mariner Linux Yes CVE-2026-31626 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Important 21093-17086 Moderate 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 7.1 7.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:42:47 <p>Information published.</p> 2.0 2026-04-29T01:04:14 <p>Information published.</p> 4.0 2026-04-29T14:58:06 <p>Information published.</p> 1.0 2026-04-26T01:04:18 <p>Information published.</p> 3.0 2026-04-29T01:42:44 <p>Information published.</p> 5.0 2026-04-30T01:52:23 <p>Information published.</p> 6.0 2026-05-01T14:40:49 <p>Information published.</p> xfrm: hold dev ref until after transport_finish NF_HOOK Mariner Linux Yes CVE-2026-31663 21094-17084 21248-17084 21308-17084 21093-17086 21332-17084 21344-17084 21094-17084 21248-17084 21308-17084 21093-17086 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Important 21093-17086 Moderate 21332-17084 Moderate 21344-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21308-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21332-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21344-17084 1.1 2026-04-27T14:42:53 <p>Information published.</p> 2.0 2026-04-29T01:05:45 <p>Information published.</p> 3.0 2026-04-29T01:42:52 <p>Information published.</p> 4.0 2026-04-29T14:58:19 <p>Information published.</p> 5.0 2026-05-06T14:39:42 <p>Information published.</p> 7.1 2026-05-22T01:40:50 <p>Information published.</p> 1.0 2026-04-26T01:04:24 <p>Information published.</p> 6.0 2026-05-11T01:51:23 <p>Information published.</p> 7.0 2026-05-17T14:52:31 <p>Information published.</p> usb: gadget: renesas_usb3: validate endpoint index in standard request handlers Mariner Linux Yes CVE-2026-31615 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:43:14 <p>Information published.</p> 3.0 2026-04-29T14:58:57 <p>Information published.</p> 5.0 2026-05-01T14:41:09 <p>Information published.</p> 1.0 2026-04-26T01:04:42 <p>Information published.</p> 4.0 2026-04-30T01:05:21 <p>Information published.</p> ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc Mariner Linux Yes CVE-2026-31610 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:43:20 <p>Information published.</p> 4.0 2026-05-01T01:02:34 <p>Information published.</p> 5.0 2026-05-01T14:41:16 <p>Information published.</p> 1.0 2026-04-26T01:04:47 <p>Information published.</p> 3.0 2026-04-29T14:59:09 <p>Information published.</p> lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files Mariner GitHub_M Yes CVE-2026-41066 Improper Restriction of XML External Entity Reference 21239-17084 18674-17086 21313-17084 21239-17084 18674-17086 21313-17084 Important 21239-17084 Important 18674-17086 Important 21313-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 21239-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 18674-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 21313-17084 CBL-Mariner Releases 21239-17084 21313-17084 No Security Update 4.9.3-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21239-17084 21313-17084 CBL-Mariner Releases 1.0 2026-04-26T01:04:41 <p>Information published.</p> 3.0 2026-04-29T01:06:42 <p>Information published.</p> 2.0 2026-04-27T14:43:16 <p>Information published.</p> 4.0 2026-05-06T01:41:49 <p>Information published.</p> 5.0 2026-05-06T14:42:16 <p>Information published.</p> net: lan966x: fix page pool leak in error paths Mariner Linux Yes CVE-2026-31645 21248-17084 21094-17084 21308-17084 21332-17084 21344-17084 21248-17084 21094-17084 21308-17084 21332-17084 21344-17084 Moderate 21248-17084 Moderate 21094-17084 Moderate 21308-17084 Moderate 21332-17084 Low 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 3.3 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 21344-17084 1.0 2026-04-26T01:04:53 <p>Information published.</p> 3.0 2026-04-29T14:59:19 <p>Information published.</p> 4.0 2026-05-06T14:39:50 <p>Information published.</p> 6.1 2026-05-22T01:40:59 <p>Information published.</p> 2.0 2026-04-27T14:43:26 <p>Information published.</p> 5.0 2026-05-11T01:51:31 <p>Information published.</p> 6.0 2026-05-17T14:52:40 <p>Information published.</p> uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided Mariner GitHub_M Yes CVE-2026-41907 Use of Out-of-range Pointer Offset 21236-17084 21236-17084 Important 21236-17084 2.0 2026-04-27T14:43:21 <p>Information published.</p> 1.0 2026-04-26T01:04:53 <p>Information published.</p> Vim: Command injection via backtick expansion in tag filenames Mariner GitHub_M Yes CVE-2026-41411 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 21147-17084 21163-17086 21147-17084 21163-17086 Moderate 21147-17084 Moderate 21163-17086 6.6 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 21147-17084 6.6 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L 21163-17086 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0392-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 2.0 2026-04-27T14:43:27 <p>Information published.</p> 3.0 2026-04-29T01:06:56 <p>Information published.</p> 1.0 2026-04-26T01:05:00 <p>Information published.</p> 4.0 2026-04-29T01:39:36 <p>Information published.</p> ocfs2: fix possible deadlock between unlink and dio_end_io_write Mariner Linux Yes CVE-2026-31598 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Important 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:05:00 <p>Information published.</p> 2.0 2026-04-27T14:43:31 <p>Information published.</p> 3.0 2026-04-29T14:59:29 <p>Information published.</p> 5.0 2026-05-01T14:41:22 <p>Information published.</p> 4.0 2026-05-01T01:01:53 <p>Information published.</p> 6.0 2026-05-02T01:41:49 <p>Information published.</p> smb: server: make use of smbdirect_socket.send_io.bcredits Mariner Linux Yes CVE-2026-31537 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Important 21248-17084 Important 21094-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21248-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-26T01:05:12 <p>Information published.</p> 1.1 2026-04-27T14:43:43 <p>Information published.</p> 3.0 2026-04-29T14:59:43 <p>Information published.</p> 2.0 2026-04-29T01:43:36 <p>Information published.</p> 4.0 2026-04-30T01:05:57 <p>Information published.</p> 5.0 2026-04-30T01:38:55 <p>Information published.</p> tls: Purge async_hold in tls_decrypt_async_wait() Mariner Linux Yes CVE-2026-23414 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-27T14:43:44 <p>Information published.</p> 3.0 2026-04-29T14:48:15 <p>Information published.</p> 1.0 2026-04-26T01:05:18 <p>Information published.</p> staging: sm750fb: fix division by zero in ps_to_hz() Mariner Linux Yes CVE-2026-31603 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 Moderate 21248-17084 Moderate 21093-17086 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 3.0 2026-04-29T14:59:50 <p>Information published.</p> 5.0 2026-05-01T14:41:36 <p>Information published.</p> 1.0 2026-04-26T01:05:17 <p>Information published.</p> 2.0 2026-04-27T14:43:48 <p>Information published.</p> 4.0 2026-05-01T01:02:09 <p>Information published.</p> smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() Mariner Linux Yes CVE-2026-31608 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Important 21094-17084 Important 21248-17084 Critical 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21248-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 21248-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:43:54 <p>Information published.</p> 2.0 2026-04-29T14:59:59 <p>Information published.</p> 4.0 2026-05-01T01:02:24 <p>Information published.</p> 5.0 2026-05-02T01:42:00 <p>Information published.</p> 1.0 2026-04-26T01:05:27 <p>Information published.</p> 3.0 2026-04-30T14:38:30 <p>Information published.</p> ksmbd: require 3 sub-authorities before reading sub_auth[2] Mariner Linux Yes CVE-2026-31611 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:44:00 <p>Information published.</p> 3.0 2026-04-29T15:00:06 <p>Information published.</p> 4.0 2026-05-01T01:02:40 <p>Information published.</p> 5.0 2026-05-01T14:41:43 <p>Information published.</p> 1.0 2026-04-26T01:05:33 <p>Information published.</p> 2.0 2026-04-29T01:43:49 <p>Information published.</p> SFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT Mariner EEF Yes CVE-2026-32147 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 21095-17084 21145-17086 21095-17084 21145-17086 Moderate 21095-17084 Moderate 21145-17086 CBL-Mariner Releases 21095-17084 No Security Update 26.2.5.20-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21095-17084 CBL-Mariner Releases 1.0 2026-04-26T01:05:40 <p>Information published.</p> 2.0 2026-04-27T14:44:01 <p>Information published.</p> 3.0 2026-04-29T01:40:02 <p>Information published.</p> arm64: mm: Handle invalid large leaf mappings correctly Mariner Linux Yes CVE-2026-31600 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:00:22 <p>Information published.</p> 1.0 2026-04-26T01:05:45 <p>Information published.</p> 2.0 2026-04-27T14:44:11 <p>Information published.</p> rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1 Mariner GitHub_M Yes CVE-2026-41676 Out-of-bounds Write 20878-17086 21108-17086 21165-17084 21136-17084 21241-17084 21255-17084 21254-17084 21249-17084 21291-17084 21223-17084 21110-17084 21123-17084 21266-17084 20878-17086 21108-17086 21165-17084 21136-17084 21241-17084 21255-17084 21254-17084 21249-17084 21291-17084 21223-17084 21110-17084 21123-17084 21266-17084 Important 20878-17086 Important 21108-17086 Important 21165-17084 Important 21136-17084 Important 21241-17084 Important 21255-17084 Important 21254-17084 Important 21249-17084 Important 21291-17084 Important 21223-17084 Important 21110-17084 Important 21123-17084 Important 21266-17084 2.0 2026-04-27T14:44:27 <p>Information published.</p> 3.0 2026-04-29T14:48:46 <p>Information published.</p> 1.0 2026-04-26T01:06:07 <p>Information published.</p> 4.0 2026-04-30T01:12:12 <p>Information published.</p> 5.0 2026-04-30T01:48:29 <p>Information published.</p> i2c: s3c24xx: check the size of the SMBUS message before using it Mariner Linux Yes CVE-2026-31627 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 6.6 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:44:17 <p>Information published.</p> 2.0 2026-04-29T01:04:19 <p>Information published.</p> 4.0 2026-04-29T15:00:29 <p>Information published.</p> 5.0 2026-05-01T14:41:56 <p>Information published.</p> 1.0 2026-04-26T01:05:51 <p>Information published.</p> 3.0 2026-04-29T01:44:07 <p>Information published.</p> xfrm_user: fix info leak in build_report() Mariner Linux Yes CVE-2026-31671 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:05:57 <p>Information published.</p> 2.0 2026-04-27T14:44:23 <p>Information published.</p> 4.0 2026-04-29T15:00:36 <p>Information published.</p> 3.0 2026-04-29T01:06:21 <p>Information published.</p> 5.0 2026-05-01T14:42:03 <p>Information published.</p> spi: spi-dw-dma: fix print error log when wait finish transaction Mariner Linux Yes CVE-2026-31560 21093-17086 21248-17084 21308-17084 21332-17084 21094-17084 21344-17084 21093-17086 21248-17084 21308-17084 21332-17084 21094-17084 21344-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-26T01:06:02 <p>Information published.</p> 3.0 2026-04-29T01:02:47 <p>Information published.</p> 4.0 2026-04-29T15:00:42 <p>Information published.</p> 2.0 2026-04-27T14:44:28 <p>Information published.</p> 5.0 2026-05-06T14:40:13 <p>Information published.</p> 6.0 2026-05-11T01:51:40 <p>Information published.</p> 7.0 2026-05-17T14:52:48 <p>Information published.</p> rust-openssl: Incorrect bounds assertion in aes key wrap Mariner GitHub_M Yes CVE-2026-41678 Out-of-bounds Write 21223-17084 20878-17086 21108-17086 21165-17084 21136-17084 21123-17084 21255-17084 21254-17084 21249-17084 21266-17084 21110-17084 21241-17084 21291-17084 21223-17084 20878-17086 21108-17086 21165-17084 21136-17084 21123-17084 21255-17084 21254-17084 21249-17084 21266-17084 21110-17084 21241-17084 21291-17084 Important 21223-17084 Important 20878-17086 Important 21108-17086 Important 21165-17084 Important 21136-17084 Important 21123-17084 Important 21255-17084 Important 21254-17084 Important 21249-17084 Important 21266-17084 Important 21110-17084 Important 21241-17084 Important 21291-17084 1.0 2026-04-26T01:06:33 <p>Information published.</p> 2.0 2026-04-27T14:44:54 <p>Information published.</p> 3.0 2026-04-29T14:49:19 <p>Information published.</p> 4.0 2026-04-30T01:12:28 <p>Information published.</p> 5.0 2026-04-30T01:49:10 <p>Information published.</p> ksmbd: validate EaNameLength in smb2_get_ea() Mariner Linux Yes CVE-2026-31612 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 6.2 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:44:50 <p>Information published.</p> 3.0 2026-04-29T15:01:09 <p>Information published.</p> 4.0 2026-05-01T01:02:45 <p>Information published.</p> 5.0 2026-05-01T14:42:24 <p>Information published.</p> 1.0 2026-04-26T01:06:27 <p>Information published.</p> 2.0 2026-04-29T01:44:43 <p>Information published.</p> s390/mm: Add missing secure storage access fixups for donated memory Mariner Linux Yes CVE-2026-31568 21094-17084 21093-17086 21248-17084 21332-17084 21308-17084 21344-17084 21094-17084 21093-17086 21248-17084 21332-17084 21308-17084 21344-17084 Moderate 21094-17084 Important 21093-17086 Moderate 21248-17084 Moderate 21332-17084 Moderate 21308-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-26T01:06:33 <p>Information published.</p> 3.0 2026-04-29T01:02:57 <p>Information published.</p> 4.0 2026-04-29T14:38:43 <p>Information published.</p> 2.0 2026-04-27T14:44:56 <p>Information published.</p> 5.0 2026-05-06T14:41:30 <p>Information published.</p> 6.0 2026-05-11T01:51:57 <p>Information published.</p> 7.0 2026-05-17T14:53:06 <p>Information published.</p> ASoC: qcom: q6apm: move component registration to unmanaged version Mariner Linux Yes CVE-2026-31587 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:06:50 <p>Information published.</p> 1.1 2026-04-27T14:45:12 <p>Information published.</p> 4.0 2026-05-01T14:42:31 <p>Information published.</p> 2.0 2026-04-29T01:44:56 <p>Information published.</p> 3.0 2026-04-29T14:39:24 <p>Information published.</p> mm/userfaultfd: fix hugetlb fault mutex hash calculation Mariner Linux Yes CVE-2026-31575 21093-17086 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 21093-17086 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 2.0 2026-04-27T14:45:07 <p>Information published.</p> 3.0 2026-04-29T01:03:13 <p>Information published.</p> 4.0 2026-04-29T14:39:11 <p>Information published.</p> 1.0 2026-04-26T01:06:44 <p>Information published.</p> 5.0 2026-05-06T14:41:38 <p>Information published.</p> 6.0 2026-05-11T01:52:06 <p>Information published.</p> 7.0 2026-05-17T14:53:14 <p>Information published.</p> tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG Mariner Linux Yes CVE-2026-31662 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Important 21093-17086 Moderate 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:45:18 <p>Information published.</p> 5.0 2026-05-01T14:42:37 <p>Information published.</p> 1.0 2026-04-26T01:06:57 <p>Information published.</p> 2.0 2026-04-29T01:05:40 <p>Information published.</p> 3.0 2026-04-29T01:45:03 <p>Information published.</p> 4.0 2026-04-29T14:39:36 <p>Information published.</p> bcache: fix cached_dev.sb_bio use-after-free and crash Mariner Linux Yes CVE-2026-31580 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Important 21093-17086 Moderate 21248-17084 Moderate 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-26T01:07:03 <p>Information published.</p> 2.0 2026-04-27T14:45:24 <p>Information published.</p> 3.0 2026-04-29T01:03:39 <p>Information published.</p> 4.0 2026-04-29T14:39:49 <p>Information published.</p> 5.0 2026-04-30T01:40:36 <p>Information published.</p> 6.0 2026-04-30T14:38:53 <p>Information published.</p> rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check Mariner GitHub_M Yes CVE-2026-41681 Stack-based Buffer Overflow 21165-17084 21136-17084 21241-17084 21255-17084 21254-17084 21249-17084 21266-17084 21223-17084 21108-17086 21110-17084 21123-17084 21291-17084 21165-17084 21136-17084 21241-17084 21255-17084 21254-17084 21249-17084 21266-17084 21223-17084 21108-17086 21110-17084 21123-17084 21291-17084 Important 21165-17084 Important 21136-17084 Important 21241-17084 Important 21255-17084 Important 21254-17084 Important 21249-17084 Important 21266-17084 Important 21223-17084 Important 21108-17086 Important 21110-17084 Important 21123-17084 Important 21291-17084 1.0 2026-04-26T01:07:23 <p>Information published.</p> 2.0 2026-04-27T14:45:17 <p>Information published.</p> 3.0 2026-04-29T14:50:37 <p>Information published.</p> 4.0 2026-04-30T01:13:00 <p>Information published.</p> 5.0 2026-04-30T01:50:12 <p>Information published.</p> rxrpc: Fix key reference count leak from call->key Mariner Linux Yes CVE-2026-31639 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:45:54 <p>Information published.</p> 3.0 2026-04-29T14:40:57 <p>Information published.</p> 4.0 2026-05-01T14:42:57 <p>Information published.</p> 1.0 2026-04-26T01:07:33 <p>Information published.</p> batman-adv: hold claim backbone gateways by reference Mariner Linux Yes CVE-2026-31657 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Critical 21093-17086 Moderate 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:45:42 <p>Information published.</p> 2.0 2026-04-29T01:05:11 <p>Information published.</p> 3.0 2026-04-29T01:45:20 <p>Information published.</p> 4.0 2026-04-29T14:40:31 <p>Information published.</p> 5.0 2026-05-01T14:42:44 <p>Information published.</p> 1.0 2026-04-26T01:07:22 <p>Information published.</p> KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Mariner Linux Yes CVE-2026-31591 21094-17084 21094-17084 Important 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:00 <p>Information published.</p> 1.0 2026-04-26T01:07:39 <p>Information published.</p> 2.0 2026-04-29T14:41:14 <p>Information published.</p> nfc: llcp: add missing return after LLCP_CLOSED checks Mariner Linux Yes CVE-2026-31629 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Important 21093-17086 Moderate 21248-17084 Moderate 21094-17084 8.8 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:05 <p>Information published.</p> 2.0 2026-04-29T01:04:29 <p>Information published.</p> 3.0 2026-04-29T01:45:33 <p>Information published.</p> 6.0 2026-05-01T14:43:05 <p>Information published.</p> 1.0 2026-04-26T01:07:45 <p>Information published.</p> 4.0 2026-04-29T14:41:27 <p>Information published.</p> 5.0 2026-04-30T01:41:34 <p>Information published.</p> wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit Mariner Linux Yes CVE-2026-31579 21094-17084 21093-17086 21248-17084 21308-17084 21332-17084 21344-17084 21094-17084 21093-17086 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 2.0 2026-04-27T14:46:16 <p>Information published.</p> 3.0 2026-04-29T01:03:34 <p>Information published.</p> 6.0 2026-05-11T01:52:24 <p>Information published.</p> 1.0 2026-04-26T01:07:58 <p>Information published.</p> 4.0 2026-04-29T14:41:52 <p>Information published.</p> 5.0 2026-05-06T14:41:55 <p>Information published.</p> 7.0 2026-05-17T14:53:32 <p>Information published.</p> x86/CPU: Fix FPDSS on Zen1 Mariner Linux Yes CVE-2026-31628 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 Moderate 21093-17086 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:08:04 <p>Information published.</p> 1.1 2026-04-27T14:46:22 <p>Information published.</p> 2.0 2026-04-29T01:04:24 <p>Information published.</p> 5.0 2026-05-01T14:43:12 <p>Information published.</p> 3.0 2026-04-29T01:45:49 <p>Information published.</p> 4.0 2026-04-29T14:42:05 <p>Information published.</p> rxrpc: proc: size address buffers for %pISpc output Mariner Linux Yes CVE-2026-31630 21093-17086 21248-17084 21332-17084 21094-17084 21308-17084 21344-17084 21093-17086 21248-17084 21332-17084 21094-17084 21308-17084 21344-17084 Important 21093-17086 Moderate 21248-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21308-17084 Moderate 21344-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21332-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-26T01:07:52 <p>Information published.</p> 1.1 2026-04-27T14:46:11 <p>Information published.</p> 2.0 2026-04-29T01:04:35 <p>Information published.</p> 4.0 2026-04-29T14:41:39 <p>Information published.</p> 7.1 2026-05-22T01:41:23 <p>Information published.</p> 3.0 2026-04-29T01:45:40 <p>Information published.</p> 5.0 2026-05-06T14:41:46 <p>Information published.</p> 6.0 2026-05-11T01:52:16 <p>Information published.</p> 7.0 2026-05-17T14:53:23 <p>Information published.</p> pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled Mariner Linux Yes CVE-2026-31655 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:08:11 <p>Information published.</p> 3.0 2026-04-29T14:42:19 <p>Information published.</p> 2.0 2026-04-27T14:46:27 <p>Information published.</p> 4.0 2026-05-01T14:43:18 <p>Information published.</p> netfilter: ip6t_eui64: reject invalid MAC header for all packets Mariner Linux Yes CVE-2026-31685 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:45:57 <p>Information published.</p> 3.0 2026-04-29T14:52:12 <p>Information published.</p> 4.0 2026-05-01T14:45:42 <p>Information published.</p> 1.0 2026-04-26T01:08:16 <p>Information published.</p> net: stmmac: fix integer underflow in chain mode Mariner Linux Yes CVE-2026-31649 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21094-17084 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:44 <p>Information published.</p> 2.0 2026-04-29T01:04:55 <p>Information published.</p> 4.0 2026-04-29T14:42:54 <p>Information published.</p> 1.0 2026-04-26T01:08:28 <p>Information published.</p> 3.0 2026-04-29T01:46:14 <p>Information published.</p> 5.0 2026-05-01T14:43:32 <p>Information published.</p> mptcp: fix slab-use-after-free in __inet_lookup_established Mariner Linux Yes CVE-2026-31669 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Critical 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:33 <p>Information published.</p> 2.0 2026-04-29T01:06:11 <p>Information published.</p> 4.0 2026-04-29T14:42:30 <p>Information published.</p> 1.0 2026-04-26T01:08:17 <p>Information published.</p> 3.0 2026-04-29T01:45:59 <p>Information published.</p> 5.0 2026-04-30T01:42:17 <p>Information published.</p> 6.0 2026-05-01T14:43:25 <p>Information published.</p> net: ipv6: flowlabel: defer exclusive option free until RCU teardown Mariner Linux Yes CVE-2026-31680 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-27T14:46:20 <p>Information published.</p> 1.0 2026-04-26T01:08:39 <p>Information published.</p> 3.0 2026-04-29T14:53:11 <p>Information published.</p> media: hackrf: fix to not free memory after the device is registered in hackrf_probe() Mariner Linux Yes CVE-2026-31576 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 Important 21093-17086 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 1.0 2026-04-26T01:08:41 <p>Information published.</p> 1.1 2026-04-27T14:37:47 <p>Information published.</p> 2.0 2026-04-29T01:03:18 <p>Information published.</p> 4.0 2026-04-29T14:43:21 <p>Information published.</p> 3.0 2026-04-29T01:46:28 <p>Information published.</p> 5.0 2026-04-30T01:43:12 <p>Information published.</p> openvswitch: defer tunnel netdev_put to RCU release Mariner Linux Yes CVE-2026-31678 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-27T14:46:26 <p>Information published.</p> 1.0 2026-04-26T01:08:45 <p>Information published.</p> 3.0 2026-04-29T14:53:27 <p>Information published.</p> PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup Mariner Linux Yes CVE-2026-31595 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:08:46 <p>Information published.</p> 2.0 2026-04-27T14:37:53 <p>Information published.</p> 3.0 2026-04-29T14:43:34 <p>Information published.</p> 4.0 2026-05-01T14:43:45 <p>Information published.</p> netfilter: xt_multiport: validate range encoding in checkentry Mariner Linux Yes CVE-2026-31681 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:46:31 <p>Information published.</p> 3.0 2026-04-29T14:53:40 <p>Information published.</p> 1.0 2026-04-26T01:08:51 <p>Information published.</p> 4.0 2026-05-01T14:45:56 <p>Information published.</p> mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() Mariner Linux Yes CVE-2026-31586 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Important 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:37:58 <p>Information published.</p> 3.0 2026-04-29T14:43:46 <p>Information published.</p> 5.0 2026-05-01T14:43:52 <p>Information published.</p> 1.0 2026-04-26T01:08:52 <p>Information published.</p> 2.0 2026-04-29T01:46:39 <p>Information published.</p> 4.0 2026-04-30T01:09:52 <p>Information published.</p> media: as102: fix to not free memory after the device is registered in as102_usb_probe() Mariner Linux Yes CVE-2026-31578 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 Important 21093-17086 Moderate 21094-17084 Moderate 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:08:58 <p>Information published.</p> 1.1 2026-04-27T14:38:04 <p>Information published.</p> 2.0 2026-04-29T01:03:29 <p>Information published.</p> 4.0 2026-04-29T14:43:59 <p>Information published.</p> 5.0 2026-05-01T14:43:59 <p>Information published.</p> 3.0 2026-04-29T01:46:46 <p>Information published.</p> bridge: br_nd_send: linearize skb before parsing ND options Mariner Linux Yes CVE-2026-31682 21094-17084 21094-17084 Moderate 21094-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:43 <p>Information published.</p> 2.0 2026-04-29T01:42:04 <p>Information published.</p> 1.0 2026-04-26T01:09:04 <p>Information published.</p> 3.0 2026-04-29T14:54:10 <p>Information published.</p> batman-adv: reject oversized global TT response buffers Mariner Linux Yes CVE-2026-31659 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Critical 21093-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:09:16 <p>Information published.</p> 2.0 2026-04-27T14:38:22 <p>Information published.</p> 4.0 2026-04-29T14:44:37 <p>Information published.</p> 5.0 2026-05-01T14:44:21 <p>Information published.</p> 3.0 2026-04-29T01:05:21 <p>Information published.</p> HID: alps: fix NULL pointer dereference in alps_raw_event() Mariner Linux Yes CVE-2026-31625 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:09:10 <p>Information published.</p> 2.0 2026-04-27T14:38:16 <p>Information published.</p> 3.0 2026-04-29T01:04:09 <p>Information published.</p> 4.0 2026-04-29T14:44:25 <p>Information published.</p> 5.0 2026-05-01T14:44:14 <p>Information published.</p> openvswitch: validate MPLS set/set_masked payload length Mariner Linux Yes CVE-2026-31679 21094-17084 21094-17084 Moderate 21094-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-26T01:09:15 <p>Information published.</p> 1.1 2026-04-27T14:46:53 <p>Information published.</p> 3.0 2026-04-29T14:54:40 <p>Information published.</p> 2.0 2026-04-29T01:42:22 <p>Information published.</p> netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Mariner Linux Yes CVE-2026-31674 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:48 <p>Information published.</p> 3.0 2026-04-29T14:54:25 <p>Information published.</p> 1.0 2026-04-26T01:09:09 <p>Information published.</p> 2.0 2026-04-29T01:42:14 <p>Information published.</p> af_unix: read UNIX_DIAG_VFS data under unix_state_lock Mariner Linux Yes CVE-2026-31673 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:46:59 <p>Information published.</p> 3.0 2026-04-29T14:54:53 <p>Information published.</p> 4.0 2026-05-01T14:46:09 <p>Information published.</p> 1.0 2026-04-26T01:09:21 <p>Information published.</p> xfrm: clear trailing padding in build_polexpire() Mariner Linux Yes CVE-2026-31664 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:38:28 <p>Information published.</p> 4.0 2026-04-29T14:44:50 <p>Information published.</p> 1.0 2026-04-26T01:09:22 <p>Information published.</p> 3.0 2026-04-29T01:05:50 <p>Information published.</p> 5.0 2026-05-01T14:44:28 <p>Information published.</p> NFC: digital: Bounds check NFC-A cascade depth in SDD response handler Mariner Linux Yes CVE-2026-31622 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Important 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 8.8 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:38:33 <p>Information published.</p> 1.0 2026-04-26T01:09:27 <p>Information published.</p> 3.0 2026-04-29T14:45:03 <p>Information published.</p> 4.0 2026-04-30T01:10:24 <p>Information published.</p> 5.0 2026-05-01T14:44:34 <p>Information published.</p> ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY Mariner Linux Yes CVE-2026-31597 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 Moderate 21248-17084 Moderate 21094-17084 Moderate 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:38:39 <p>Information published.</p> 4.0 2026-05-01T01:01:47 <p>Information published.</p> 1.0 2026-04-26T01:09:33 <p>Information published.</p> 2.0 2026-04-29T01:47:10 <p>Information published.</p> 3.0 2026-04-29T14:45:15 <p>Information published.</p> 5.0 2026-05-01T14:44:41 <p>Information published.</p> KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock Mariner Linux Yes CVE-2026-31592 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 Moderate 21248-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21308-17084 Moderate 21344-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21332-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.1 2026-04-27T14:38:51 <p>Information published.</p> 3.0 2026-04-29T14:45:28 <p>Information published.</p> 6.0 2026-05-11T01:52:32 <p>Information published.</p> 7.1 2026-05-22T01:41:33 <p>Information published.</p> 1.0 2026-04-26T01:09:43 <p>Information published.</p> 2.0 2026-04-29T01:47:18 <p>Information published.</p> 4.0 2026-04-30T01:10:40 <p>Information published.</p> 5.0 2026-05-06T14:42:05 <p>Information published.</p> 7.0 2026-05-17T14:38:57 <p>Information published.</p> drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat Mariner Linux Yes CVE-2026-31656 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Important 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:10:27 <p>Information published.</p> 2.0 2026-04-27T14:39:36 <p>Information published.</p> 3.0 2026-04-29T01:05:06 <p>Information published.</p> 4.0 2026-04-29T14:45:54 <p>Information published.</p> 5.0 2026-05-01T14:44:56 <p>Information published.</p> mm/kasan: fix double free for kasan pXds Mariner Linux Yes CVE-2026-31686 21094-17084 21248-17084 21094-17084 21248-17084 Important 21094-17084 Important 21248-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21248-17084 1.0 2026-04-29T01:01:32 <p>Information published.</p> 2.0 2026-04-29T14:58:24 <p>Information published.</p> 3.0 2026-04-30T01:53:06 <p>Information published.</p> rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer Mariner GitHub_M Yes CVE-2026-41898 Buffer Over-read 20878-17086 21108-17086 21123-17084 21255-17084 21254-17084 21249-17084 21223-17084 21165-17084 21136-17084 21110-17084 21241-17084 21266-17084 21291-17084 20878-17086 21108-17086 21123-17084 21255-17084 21254-17084 21249-17084 21223-17084 21165-17084 21136-17084 21110-17084 21241-17084 21266-17084 21291-17084 Important 20878-17086 Important 21108-17086 Important 21123-17084 Important 21255-17084 Important 21254-17084 Important 21249-17084 Important 21223-17084 Important 21165-17084 Important 21136-17084 Important 21110-17084 Important 21241-17084 Important 21266-17084 Important 21291-17084 2.0 2026-04-29T15:01:28 <p>Information published.</p> 1.0 2026-04-29T01:10:17 <p>Information published.</p> 3.0 2026-04-30T01:08:19 <p>Information published.</p> 4.0 2026-04-30T01:55:17 <p>Information published.</p> Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling Mariner redhat Yes CVE-2026-33999 Integer Underflow (Wrap or Wraparound) 20351-17086 21247-17084 21316-17084 20351-17086 21247-17084 21316-17084 Moderate 20351-17086 Moderate 21247-17084 Moderate 21316-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 20351-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21247-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21316-17084 CBL-Mariner Releases 21247-17084 21316-17084 No Security Update 24.1.6-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21247-17084 21316-17084 CBL-Mariner Releases 2.0 2026-05-06T01:42:13 <p>Information published.</p> 1.0 2026-04-29T01:11:14 <p>Information published.</p> 3.0 2026-05-06T14:43:53 <p>Information published.</p> NFC: nxp-nci: allow GPIOs to sleep Mariner Linux Yes CVE-2026-31545 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-30T01:10:09 <p>Information published.</p> net: bonding: fix NULL deref in bond_debug_rlb_hash_show Mariner Linux Yes CVE-2026-31546 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-30T01:10:18 <p>Information published.</p> pip self-update functionality can import newly installed modules after wheel installation Mariner PSF Yes CVE-2026-6357 21100-17084 21021-17084 20965-17084 21144-17084 21139-17086 20937-17086 21100-17084 21021-17084 20965-17084 21144-17084 21139-17086 20937-17086 Moderate 21100-17084 Moderate 21021-17084 Moderate 20965-17084 Moderate 21144-17084 Moderate 21139-17086 Moderate 20937-17086 CBL-Mariner Releases 20965-17084 No Security Update 24.2-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20965-17084 CBL-Mariner Releases CBL-Mariner Releases 21144-17084 No Security Update 20.36.1-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21144-17084 CBL-Mariner Releases 3.0 2026-05-19T01:40:45 <p>Information published.</p> 4.0 2026-05-22T01:42:29 <p>Information published.</p> 1.0 2026-04-30T01:10:45 <p>Information published.</p> 2.0 2026-05-01T01:04:44 <p>Information published.</p> Apache Thrift: Java TSSLTransportFactory hostname verification Mariner apache Yes CVE-2026-41603 Improper Validation of Certificate with Host Mismatch 17626-17084 17626-17084 Important 17626-17084 7.4 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 17626-17084 CBL-Mariner Releases 17626-17084 No Security Update 0.15.0-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17626-17084 CBL-Mariner Releases 2.0 2026-05-13T01:40:12 <p>Information published.</p> 1.0 2026-04-30T01:11:14 <p>Information published.</p> Apache Thrift: C++ JSON OOB read Mariner apache Yes CVE-2026-41607 Out-of-bounds Read 20704-17086 17626-17084 20704-17086 17626-17084 Moderate 20704-17086 Moderate 17626-17084 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U 20704-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 17626-17084 1.0 2026-04-30T01:11:49 <p>Information published.</p> 2.0 2026-05-01T01:04:23 <p>Information published.</p> Apache Thrift: Node.js skip() recursion Mariner apache Yes CVE-2026-41636 Uncontrolled Recursion 20704-17086 17626-17084 20704-17086 17626-17084 Important 20704-17086 Important 17626-17084 CBL-Mariner Releases 17626-17084 No Security Update 0.15.0-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17626-17084 CBL-Mariner Releases 2.0 2026-05-01T01:04:09 <p>Information published.</p> 3.0 2026-05-13T01:40:27 <p>Information published.</p> 1.0 2026-04-30T01:11:57 <p>Information published.</p> net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption Mariner Linux Yes CVE-2026-31533 21248-17084 21093-17086 21248-17084 21093-17086 Important 21248-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-05-01T01:01:32 <p>Information published.</p> 2.0 2026-05-01T14:46:51 <p>Information published.</p> In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path to handle user input are affected and could be exploited. In particular, because sendInput() sends a string to a terminal, a control character such as \x01 can be used during injection. Mariner mitre Yes CVE-2026-41526 Improper Neutralization of Escape, Meta, or Control Sequences 21293-17084 21294-17086 21293-17084 21294-17086 Moderate 21293-17084 Moderate 21294-17086 6.5 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L 21293-17084 6.5 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L 21294-17086 CBL-Mariner Releases 21293-17084 No Security Update 5.249.0-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21293-17084 CBL-Mariner Releases 1.0 2026-05-01T01:03:38 <p>Information published.</p> 2.0 2026-05-09T01:38:59 <p>Information published.</p> In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message. Mariner mitre Yes CVE-2026-40356 Integer Underflow (Wrap or Wraparound) 20902-17084 20903-17086 20902-17084 20903-17086 Moderate 20902-17084 Moderate 20903-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20902-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20903-17086 CBL-Mariner Releases 20902-17084 No Security Update 1.21.3-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20902-17084 CBL-Mariner Releases 2.0 2026-05-11T14:42:40 <p>Information published.</p> 1.0 2026-05-01T01:03:54 <p>Information published.</p> shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs Mariner PSF Yes CVE-2026-3087 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 21100-17084 21021-17084 20937-17086 21100-17084 21021-17084 20937-17086 Moderate 21100-17084 Moderate 21021-17084 Moderate 20937-17086 2.0 2026-05-19T01:40:53 <p>Information published.</p> 1.0 2026-05-01T01:04:55 <p>Information published.</p> FRRouting < 10.5.3 Integer Overflow in OSPF TLV Parser Functions Mariner VulnCheck Yes CVE-2026-28532 Integer Overflow or Wraparound 21208-17084 20873-17086 21317-17084 21208-17084 20873-17086 21317-17084 Moderate 21208-17084 Moderate 20873-17086 Moderate 21317-17084 6.5 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21208-17084 6.5 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20873-17086 6.5 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21317-17084 CBL-Mariner Releases 21208-17084 21317-17084 No Security Update 10.5.0-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21208-17084 21317-17084 CBL-Mariner Releases 1.0 2026-05-02T01:01:30 <p>Information published.</p> 3.0 2026-05-05T01:02:55 <p>Information published.</p> 2.0 2026-05-04T14:37:52 <p>Information published.</p> 4.0 2026-05-06T14:44:52 <p>Information published.</p> An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065. Mariner mitre Yes CVE-2026-37555 Integer Overflow or Wraparound 20369-17086 20887-17084 20369-17086 20887-17084 Important 20369-17086 Important 20887-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20369-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20887-17084 1.0 2026-05-03T01:01:33 <p>Information published.</p> 2.0 2026-05-04T14:41:31 <p>Information published.</p> Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions Mariner redhat Yes CVE-2026-6842 Incorrect Permission Assignment for Critical Resource 17720-17084 20092-17086 17720-17084 20092-17086 Low 17720-17084 Low 20092-17086 2.5 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 17720-17084 2.5 2.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U 20092-17086 CBL-Mariner Releases 17720-17084 No Security Update 6.4-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17720-17084 CBL-Mariner Releases 2.0 2026-05-05T01:42:03 <p>Information published.</p> 1.0 2026-05-03T01:02:43 <p>Information published.</p> 3.0 2026-05-08T01:42:25 <p>Information published.</p> Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Shell. While the vulnerability is in MySQL Shell, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Shell accessible data. CVSS 3.1 Base Score 5.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N). Mariner oracle Yes CVE-2026-34318 Exposure of Sensitive Information to an Unauthorized Actor 21155-17086 21155-17086 Moderate 21155-17086 5.8 5.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 21155-17086 1.0 2026-05-07T01:03:34 <p>Information published.</p> KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE Mariner Linux Yes CVE-2026-23401 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 8.4 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-02T01:01:28 <p>Information published.</p> 2.0 2026-04-03T01:39:03 <p>Information published.</p> 3.0 2026-04-18T14:37:27 <p>Information published.</p> 4.0 2026-04-26T01:02:55 <p>Information published.</p> 5.0 2026-04-27T14:41:43 <p>Information published.</p> 6.0 2026-04-29T14:44:05 <p>Information published.</p> OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. Mariner mitre Yes CVE-2026-35388 Unprotected Alternate Channel 20608-17086 20632-17084 20608-17086 20632-17084 Low 20608-17086 Low 20632-17084 2.5 2.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U 20608-17086 2.5 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N 20632-17084 CBL-Mariner Releases 20632-17084 No Security Update 9.8p1-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20632-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:08 <p>Information published.</p> 2.0 2026-04-07T01:01:55 <p>Information published.</p> 3.0 2026-04-11T01:39:45 <p>Information published.</p> OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms. Mariner mitre Yes CVE-2026-35387 Always-Incorrect Control Flow Implementation 21261-17084 20632-17084 20608-17086 21261-17084 20632-17084 20608-17086 Low 21261-17084 Low 20632-17084 Low 20608-17086 3.1 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 21261-17084 3.1 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 20632-17084 3.1 2.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U 20608-17086 3.0 2026-04-29T14:44:35 <p>Information published.</p> 1.0 2026-04-04T01:02:26 <p>Information published.</p> 2.0 2026-04-07T01:02:00 <p>Information published.</p> In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode). Mariner mitre Yes CVE-2026-35385 Improper Preservation of Permissions 20608-17086 20632-17084 20608-17086 20632-17084 Moderate 20608-17086 Important 20632-17084 7.5 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U 20608-17086 7.5 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 20632-17084 CBL-Mariner Releases 20632-17084 No Security Update 9.8p1-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20632-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:32 <p>Information published.</p> 3.0 2026-04-11T01:40:03 <p>Information published.</p> 2.0 2026-04-07T01:02:05 <p>Information published.</p> xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion Mariner GitHub_M Yes CVE-2026-34601 XML Injection (aka Blind XPath Injection) 19693-17084 19712-17086 19693-17084 19712-17086 Important 19693-17084 Important 19712-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 19693-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 19712-17086 1.0 2026-04-04T01:02:47 <p>Information published.</p> 2.0 2026-04-15T01:42:18 <p>Information published.</p> An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca. Mariner mitre Yes CVE-2026-35549 Memory Allocation with Excessive Size Value 21054-17084 21054-17084 Moderate 21054-17084 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21054-17084 1.0 2026-04-04T01:02:53 <p>Information published.</p> OpenPrinting CUPS: Heap overflow in `get_options()` Mariner GitHub_M Yes CVE-2026-34979 Heap-based Buffer Overflow 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 5.3 5.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P 20737-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-05T01:01:23 <p>Information published.</p> 3.0 2026-04-09T01:01:35 <p>Information published.</p> 2.0 2026-04-07T01:40:39 <p>Information published.</p> 4.0 2026-04-18T14:37:34 <p>Information published.</p> OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network Mariner GitHub_M Yes CVE-2026-34980 Improper Input Validation 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-05T01:01:28 <p>Information published.</p> 4.0 2026-04-18T14:37:40 <p>Information published.</p> 2.0 2026-04-07T01:40:44 <p>Information published.</p> 3.0 2026-04-09T01:01:40 <p>Information published.</p> OpenPrinting CUPS: Local print admin token disclosure using temporary printers Mariner GitHub_M Yes CVE-2026-34990 Improper Authentication 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-05T01:01:45 <p>Information published.</p> 2.0 2026-04-07T01:41:00 <p>Information published.</p> 3.0 2026-04-09T01:01:45 <p>Information published.</p> 4.0 2026-04-18T14:38:00 <p>Information published.</p> serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN Mariner Linux Yes CVE-2026-23472 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-05T01:01:55 <p>Information published.</p> 5.0 2026-05-11T01:48:43 <p>Information published.</p> 2.0 2026-04-07T01:41:10 <p>Information published.</p> 3.0 2026-04-29T14:45:00 <p>Information published.</p> 4.0 2026-05-06T14:51:17 <p>Information published.</p> 6.0 2026-05-17T14:49:49 <p>Information published.</p> wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure Mariner Linux Yes CVE-2026-23444 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 1.0 2026-04-05T01:02:07 <p>Information published.</p> 2.0 2026-04-07T01:41:15 <p>Information published.</p> 4.0 2026-04-29T14:45:12 <p>Information published.</p> 5.0 2026-05-02T14:38:26 <p>Information published.</p> 3.0 2026-04-25T01:05:29 <p>Information published.</p> Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold Mariner Linux Yes CVE-2026-31408 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-07T01:01:28 <p>Information published.</p> 2.0 2026-04-18T14:38:07 <p>Information published.</p> 3.0 2026-04-29T14:46:16 <p>Information published.</p> Path traversal issue with zip.vim in Vim Mariner GitHub_M Yes CVE-2026-35177 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 21147-17084 21163-17086 21147-17084 21163-17086 Moderate 21147-17084 Moderate 21163-17086 4.1 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L 21147-17084 4.1 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L 21163-17086 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0315-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 1.0 2026-04-08T01:01:25 <p>Information published.</p> 2.0 2026-04-09T01:02:39 <p>Information published.</p> CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer Mariner GitHub_M Yes CVE-2026-39316 Use After Free 20737-17084 20768-17086 20737-17084 20768-17086 Low 20737-17084 Moderate 20768-17086 4.0 3.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U 20737-17084 4.0 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20768-17086 CBL-Mariner Releases 20737-17084 No Security Update 2.4.17-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20737-17084 CBL-Mariner Releases 1.0 2026-04-09T01:01:51 <p>Information published.</p> 2.0 2026-04-11T01:01:21 <p>Information published.</p> 3.0 2026-04-18T14:38:14 <p>Information published.</p> Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins Mariner redhat Yes CVE-2026-35093 Improper Control of Generation of Code ('Code Injection') 21169-17086 21170-17084 21169-17086 21170-17084 Important 21169-17086 Important 21170-17084 8.8 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 21169-17086 8.8 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 21170-17084 1.0 2026-04-09T01:02:29 <p>Information published.</p> 2.0 2026-04-15T01:42:54 <p>Information published.</p> ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. Mariner GitHub_M Yes CVE-2026-34445 Improper Input Validation 20972-17084 21103-17086 20972-17084 21103-17086 Important 20972-17084 Important 21103-17086 8.6 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 20972-17084 8.6 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 21103-17086 CBL-Mariner Releases 20972-17084 No Security Update 2.2.2-14 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20972-17084 CBL-Mariner Releases 1.0 2026-04-09T01:02:56 <p>Information published.</p> 2.0 2026-04-17T14:38:06 <p>Information published.</p> Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read Mariner VulnCheck Yes CVE-2026-40026 Out-of-bounds Read 20112-17084 21193-17086 20112-17084 21193-17086 Moderate 20112-17084 Moderate 21193-17086 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 20112-17084 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 21193-17086 CBL-Mariner Releases 20112-17084 No Security Update 4.12.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20112-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:43 <p>Information published.</p> 3.0 2026-04-11T01:40:37 <p>Information published.</p> 2.0 2026-04-11T01:10:43 <p>Information published.</p> Sleuth Kit APFS Keybag Parser Out-of-Bounds Read Mariner VulnCheck Yes CVE-2026-40025 Out-of-bounds Read 20112-17084 21193-17086 20112-17084 21193-17086 Moderate 20112-17084 Moderate 21193-17086 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 20112-17084 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 21193-17086 CBL-Mariner Releases 20112-17084 No Security Update 4.12.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20112-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:48 <p>Information published.</p> 2.0 2026-04-11T01:10:38 <p>Information published.</p> 3.0 2026-04-11T01:40:44 <p>Information published.</p> Sleuth Kit tsk_recover Path Traversal Mariner VulnCheck Yes CVE-2026-40024 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20112-17084 21193-17086 20112-17084 21193-17086 Important 20112-17084 Important 21193-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 20112-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 21193-17086 CBL-Mariner Releases 20112-17084 No Security Update 4.12.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20112-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:54 <p>Information published.</p> 2.0 2026-04-11T01:10:48 <p>Information published.</p> 3.0 2026-04-11T01:40:50 <p>Information published.</p> Vim Ex command injection in Vims NetBeans integration Mariner GitHub_M Yes CVE-2026-39881 Improper Control of Generation of Code ('Code Injection') 21147-17084 21163-17086 21147-17084 21163-17086 Moderate 21147-17084 Moderate 21163-17086 5.0 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N 21147-17084 5.0 4.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N/E:U 21163-17086 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0323-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:59 <p>Information published.</p> 2.0 2026-04-11T01:10:54 <p>Information published.</p> 3.0 2026-04-11T01:40:57 <p>Information published.</p> apparmor: fix memory leak in verify_header Mariner Linux Yes CVE-2026-23403 21093-17086 21172-17084 21093-17086 21172-17084 Moderate 21093-17086 Moderate 21172-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21172-17084 CBL-Mariner Releases 21172-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21172-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:07 <p>Information published.</p> 3.0 2026-04-27T14:41:48 <p>Information published.</p> 2.0 2026-04-26T01:03:00 <p>Information published.</p> apparmor: replace recursive profile removal with iterative approach Mariner Linux Yes CVE-2026-23404 21173-17084 21093-17086 21173-17084 21093-17086 Moderate 21173-17084 Moderate 21093-17086 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21173-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:14 <p>Information published.</p> 3.0 2026-04-27T14:41:54 <p>Information published.</p> 2.0 2026-04-26T01:03:06 <p>Information published.</p> apparmor: fix side-effect bug in match_char() macro usage Mariner Linux Yes CVE-2026-23406 21173-17084 21093-17086 21173-17084 21093-17086 Important 21173-17084 Important 21093-17086 7.8 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 2.0 2026-04-26T01:03:17 <p>Information published.</p> 1.0 2026-04-10T01:02:27 <p>Information published.</p> 3.0 2026-04-29T01:38:51 <p>Information published.</p> apparmor: fix missing bounds check on DEFAULT table in verify_dfa() Mariner Linux Yes CVE-2026-23407 21093-17086 21173-17084 21093-17086 21173-17084 Important 21093-17086 Important 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 2.0 2026-04-26T01:03:22 <p>Information published.</p> 3.0 2026-04-27T14:42:05 <p>Information published.</p> 1.0 2026-04-10T01:02:33 <p>Information published.</p> apparmor: Fix double free of ns_name in aa_replace_profiles() Mariner Linux Yes CVE-2026-23408 21173-17084 21093-17086 21173-17084 21093-17086 Important 21173-17084 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 2.0 2026-04-26T01:03:34 <p>Information published.</p> 3.0 2026-04-27T14:42:17 <p>Information published.</p> 1.0 2026-04-10T01:02:39 <p>Information published.</p> apparmor: fix differential encoding verification Mariner Linux Yes CVE-2026-23409 21173-17084 21093-17086 21173-17084 21093-17086 Moderate 21173-17084 Moderate 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21173-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:45 <p>Information published.</p> 2.0 2026-04-26T01:03:39 <p>Information published.</p> 3.0 2026-04-27T14:42:23 <p>Information published.</p> apparmor: fix race on rawdata dereference Mariner Linux Yes CVE-2026-23410 21173-17084 21093-17086 21173-17084 21093-17086 Important 21173-17084 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:51 <p>Information published.</p> 3.0 2026-04-27T14:42:29 <p>Information published.</p> 2.0 2026-04-26T01:03:45 <p>Information published.</p> apparmor: fix race between freeing data and fs accessing it Mariner Linux Yes CVE-2026-23411 21173-17084 21093-17086 21173-17084 21093-17086 Important 21173-17084 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 2.0 2026-04-26T01:03:51 <p>Information published.</p> 3.0 2026-04-27T14:42:34 <p>Information published.</p> 1.0 2026-04-10T01:02:58 <p>Information published.</p> Addressable has a Regular Expression Denial of Service in Addressable templates Mariner GitHub_M Yes CVE-2026-35611 Inefficient Regular Expression Complexity 21174-17084 21175-17086 21174-17084 21175-17086 Important 21174-17084 Important 21175-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21174-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21175-17086 CBL-Mariner Releases 21174-17084 No Security Update 2.9.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21174-17084 CBL-Mariner Releases 2.0 2026-04-15T01:43:25 <p>Information published.</p> 1.0 2026-04-11T01:01:39 <p>Information published.</p> Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo Mariner openssl Yes CVE-2026-28389 NULL Pointer Dereference 21250-17084 21266-17084 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 21217-17084 21267-17084 21259-17084 21249-17084 21370-17084 21250-17084 21266-17084 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 21217-17084 21267-17084 21259-17084 21249-17084 21370-17084 Moderate 21250-17084 Moderate 21266-17084 Moderate 21168-17084 Moderate 19805-17086 Moderate 21154-17084 Moderate 21176-17084 Moderate 21059-17084 Moderate 20963-17084 Moderate 21110-17084 Moderate 21123-17084 Moderate 21185-17086 Moderate 21192-17084 Moderate 21217-17084 Moderate 21267-17084 Moderate 21259-17084 Moderate 21249-17084 21370-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21250-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21266-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21168-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 19805-17086 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21154-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21176-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21059-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20963-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21110-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21123-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21185-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21192-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21217-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21267-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21259-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21249-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21370-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases CBL-Mariner Releases 21176-17084 21267-17084 No Security Update 20240524git3e722403cd16-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21176-17084 21267-17084 CBL-Mariner Releases CBL-Mariner Releases 21185-17086 No Security Update 1.1.1k-40 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21185-17086 CBL-Mariner Releases 7.0 2026-04-29T14:49:50 <p>Information published.</p> 1.0 2026-04-11T01:02:05 <p>Information published.</p> 2.0 2026-04-12T01:02:02 <p>Information published.</p> 3.0 2026-04-13T14:40:14 <p>Information published.</p> 4.0 2026-04-14T14:45:31 <p>Information published.</p> 4.1 2026-04-15T01:44:54 <p>Information published.</p> 5.0 2026-04-23T14:39:51 <p>Information published.</p> 6.0 2026-04-29T01:38:49 <p>Information published.</p> 8.0 2026-04-30T01:51:05 <p>Information published.</p> 9.0 2026-05-31T01:02:59 <p>Information published.</p> Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo Mariner openssl Yes CVE-2026-28390 NULL Pointer Dereference 21267-17084 21259-17084 21250-17084 21266-17084 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 21370-17084 21267-17084 21259-17084 21250-17084 21266-17084 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 21370-17084 Moderate 21267-17084 Moderate 21259-17084 Moderate 21250-17084 Moderate 21266-17084 Moderate 21168-17084 Important 19805-17086 Important 21154-17084 Moderate 21176-17084 Moderate 21059-17084 Moderate 20963-17084 Important 21110-17084 Moderate 21123-17084 Moderate 21185-17086 Moderate 21192-17084 21370-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21267-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21259-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21250-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21266-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21168-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19805-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21154-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21176-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21059-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20963-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21110-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21123-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21185-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21192-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21370-17084 CBL-Mariner Releases 21267-17084 21176-17084 No Security Update 20240524git3e722403cd16-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21267-17084 21176-17084 CBL-Mariner Releases CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases CBL-Mariner Releases 21185-17086 No Security Update 1.1.1k-40 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21185-17086 CBL-Mariner Releases 4.0 2026-04-14T14:45:59 <p>Information published.</p> 5.0 2026-04-15T01:45:23 <p>Information published.</p> 7.0 2026-04-29T01:39:29 <p>Information published.</p> 1.0 2026-04-11T01:02:31 <p>Information published.</p> 2.0 2026-04-12T01:02:07 <p>Information published.</p> 3.0 2026-04-13T14:40:01 <p>Information published.</p> 3.1 2026-04-14T01:44:07 <p>Information published.</p> 6.0 2026-04-23T14:40:06 <p>Information published.</p> 8.0 2026-04-29T14:52:41 <p>Information published.</p> 9.0 2026-04-30T01:52:51 <p>Information published.</p> 10.0 2026-05-31T01:03:34 <p>Information published.</p> OpenTelemetry-Go OTLP HTTP exporters read unbounded HTTP response bodies Mariner GitHub_M Yes CVE-2026-39882 Memory Allocation with Excessive Size Value 21269-17084 21271-17084 21272-17084 21273-17084 21274-17084 21177-17084 20988-17084 20992-17084 20994-17084 21178-17086 21000-17086 21001-17086 21002-17086 20701-17086 21009-17086 21012-17084 21179-17084 21319-17084 21269-17084 21271-17084 21272-17084 21273-17084 21274-17084 21177-17084 20988-17084 20992-17084 20994-17084 21178-17086 21000-17086 21001-17086 21002-17086 20701-17086 21009-17086 21012-17084 21179-17084 21319-17084 Moderate 21269-17084 Moderate 21271-17084 Moderate 21272-17084 Moderate 21273-17084 Moderate 21274-17084 Moderate 21177-17084 Moderate 20988-17084 Moderate 20992-17084 Moderate 20994-17084 Moderate 21178-17086 Moderate 21000-17086 Moderate 21001-17086 Moderate 21002-17086 Moderate 20701-17086 Moderate 21009-17086 Moderate 21012-17084 Moderate 21179-17084 Moderate 21319-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21269-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21271-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21272-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21273-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21274-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21177-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20988-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20992-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20994-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21178-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21000-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21001-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21002-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20701-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21009-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21012-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21179-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21319-17084 CBL-Mariner Releases 21271-17084 20992-17084 No Security Update 0.14.0-11 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21271-17084 20992-17084 CBL-Mariner Releases CBL-Mariner Releases 21272-17084 20994-17084 No Security Update 2.27.0-9 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21272-17084 20994-17084 CBL-Mariner Releases CBL-Mariner Releases 21273-17084 21012-17084 No Security Update 1.7.7-11 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21273-17084 21012-17084 CBL-Mariner Releases CBL-Mariner Releases 21274-17084 No Security Update 25.0.3-17 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21274-17084 CBL-Mariner Releases CBL-Mariner Releases 21177-17084 No Security Update 1.3.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21177-17084 CBL-Mariner Releases CBL-Mariner Releases 21179-17084 No Security Update 25.0.3-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21179-17084 CBL-Mariner Releases CBL-Mariner Releases 21319-17084 No Security Update 2.1.6-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21319-17084 CBL-Mariner Releases 7.0 2026-05-12T01:40:31 <p>Information published.</p> 1.0 2026-04-11T01:03:08 <p>Information published.</p> 2.0 2026-04-20T14:38:35 <p>Information published.</p> 3.0 2026-04-23T01:37:50 <p>Information published.</p> 4.0 2026-04-29T14:50:43 <p>Information published.</p> 5.0 2026-05-06T14:51:41 <p>Information published.</p> 6.0 2026-05-11T14:46:38 <p>Information published.</p> Unbounded allocation for old GNU sparse in archive/tar Mariner Go Yes CVE-2026-32288 21276-17084 21278-17084 21274-17084 21280-17084 21186-17086 21187-17086 20989-17084 20688-17086 18315-17084 20519-17086 20387-17086 20997-17084 21113-17084 19792-17086 20701-17086 21116-17084 21117-17086 17793-17084 19712-17086 21179-17084 19693-17084 21188-17086 19668-17086 21189-17084 21021-17084 21203-17084 21206-17084 21276-17084 21278-17084 21274-17084 21280-17084 21186-17086 21187-17086 20989-17084 20688-17086 18315-17084 20519-17086 20387-17086 20997-17084 21113-17084 19792-17086 20701-17086 21116-17084 21117-17086 17793-17084 19712-17086 21179-17084 19693-17084 21188-17086 19668-17086 21189-17084 21021-17084 21203-17084 21206-17084 Moderate 21276-17084 Moderate 21278-17084 Moderate 21274-17084 Moderate 21280-17084 Moderate 21186-17086 Moderate 21187-17086 Moderate 20989-17084 Moderate 20688-17086 Moderate 18315-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 20997-17084 Moderate 21113-17084 Important 19792-17086 Moderate 20701-17086 Moderate 21116-17084 Moderate 21117-17086 Important 17793-17084 Important 19712-17086 Moderate 21179-17084 Important 19693-17084 Moderate 21188-17086 Important 19668-17086 Moderate 21189-17084 Important 21021-17084 Moderate 21203-17084 Moderate 21206-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21276-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21278-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21274-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21280-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21186-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21187-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20989-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20688-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 18315-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20519-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20387-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20997-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21113-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20701-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21116-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21117-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21179-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21188-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21189-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21203-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21206-17084 CBL-Mariner Releases 21276-17084 20989-17084 No Security Update 1.62.0-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21276-17084 20989-17084 CBL-Mariner Releases CBL-Mariner Releases 21278-17084 No Security Update 2.62.0-15 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21278-17084 CBL-Mariner Releases CBL-Mariner Releases 21274-17084 21179-17084 No Security Update 25.0.3-17 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21274-17084 21179-17084 CBL-Mariner Releases CBL-Mariner Releases 21280-17084 21189-17084 No Security Update 1.14.4-10 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21280-17084 21189-17084 CBL-Mariner Releases CBL-Mariner Releases 20997-17084 No Security Update 2.62.0-14 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20997-17084 CBL-Mariner Releases 3.0 2026-04-15T01:46:07 <p>Information published.</p> 6.0 2026-04-29T14:52:06 <p>Information published.</p> 1.0 2026-04-11T01:06:16 <p>Information published.</p> 2.0 2026-04-14T14:46:32 <p>Information published.</p> 4.0 2026-04-21T01:40:30 <p>Information published.</p> 5.0 2026-04-23T01:38:24 <p>Information published.</p> 7.0 2026-04-30T01:52:26 <p>Information published.</p> Inefficient policy validation in crypto/x509 Mariner Go Yes CVE-2026-32281 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Moderate 20688-17086 Moderate 20519-17086 Moderate 18315-17084 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Important 19712-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Moderate 21203-17084 Moderate 21206-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20688-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20519-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 18315-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20387-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21113-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21116-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21117-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21203-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21206-17084 3.0 2026-04-15T01:46:32 <p>Information published.</p> 1.0 2026-04-11T01:06:47 <p>Information published.</p> 2.0 2026-04-14T14:47:11 <p>Information published.</p> 4.0 2026-04-30T01:51:24 <p>Information published.</p> JsBraceDepth Context Tracking Bugs (XSS) in html/template Mariner Go Yes CVE-2026-32289 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Moderate 20688-17086 Moderate 18315-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Moderate 19712-17086 Moderate 19693-17084 Moderate 19668-17086 Moderate 21021-17084 Moderate 21203-17084 Moderate 21206-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 20688-17086 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 18315-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 20519-17086 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 20387-17086 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21113-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21116-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21117-17086 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21203-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21206-17084 1.0 2026-04-11T01:07:20 <p>Information published.</p> 2.0 2026-04-14T14:46:40 <p>Information published.</p> 3.0 2026-04-30T01:51:54 <p>Information published.</p> Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls Mariner Go Yes CVE-2026-32283 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Moderate 20688-17086 Moderate 18315-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Important 19712-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Moderate 21203-17084 Moderate 21206-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20688-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 18315-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20519-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20387-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21113-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21116-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21117-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21203-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21206-17084 3.0 2026-04-15T01:47:16 <p>Information published.</p> 1.0 2026-04-11T01:07:52 <p>Information published.</p> 2.0 2026-04-14T14:46:48 <p>Information published.</p> 4.0 2026-04-30T01:52:10 <p>Information published.</p> Unexpected work during chain building in crypto/x509 Mariner Go Yes CVE-2026-32280 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Important 20688-17086 Important 20519-17086 Important 18315-17084 Important 20387-17086 Important 21113-17084 Important 21116-17084 Important 21117-17086 Important 19712-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Important 21203-17084 Important 21206-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20688-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20519-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18315-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20387-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21113-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21116-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21117-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19712-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19693-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19668-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21021-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21203-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21206-17084 3.0 2026-04-15T01:47:43 <p>Information published.</p> 1.0 2026-04-11T01:08:24 <p>Information published.</p> 2.0 2026-04-14T14:46:55 <p>Information published.</p> Missing bound checks can lead to memory corruption in safe Go in cmd/compile Mariner Go Yes CVE-2026-27143 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Critical 20519-17086 Critical 20387-17086 Critical 21113-17084 Critical 21116-17084 Critical 21117-17086 Critical 19712-17086 Critical 19693-17084 Critical 19668-17086 Critical 21021-17084 Critical 21203-17084 Critical 21206-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20519-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20387-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21113-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21116-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21117-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21203-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21206-17084 1.0 2026-04-11T01:09:42 <p>Information published.</p> 2.0 2026-04-14T14:47:19 <p>Information published.</p> 3.0 2026-04-15T01:48:42 <p>Information published.</p> Code execution vulnerability in SWIG code generation in cmd/go Mariner Go Yes CVE-2026-27140 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 Critical 21206-17084 Critical 20519-17086 Critical 20387-17086 Critical 21113-17084 Critical 21116-17084 Critical 21117-17086 Critical 19712-17086 Critical 19693-17084 Critical 19668-17086 Critical 21021-17084 Critical 21203-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21206-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 20519-17086 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 20387-17086 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21113-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21116-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21117-17086 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21203-17084 1.0 2026-04-11T01:10:08 <p>Information published.</p> 2.0 2026-04-14T14:47:03 <p>Information published.</p> 3.0 2026-04-15T01:49:03 <p>Information published.</p> Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass Mariner apache Yes CVE-2026-34477 Improper Validation of Certificate with Host Mismatch 21194-17084 21194-17084 Moderate 21194-17084 1.0 2026-04-13T01:09:45 <p>Information published.</p> 2.0 2026-04-13T14:41:08 <p>Information published.</p> 3.0 2026-04-30T01:53:25 <p>Information published.</p> In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs. Mariner mitre Yes CVE-2026-40386 Integer Underflow (Wrap or Wraparound) 21198-17084 21283-17084 21131-17086 21198-17084 21283-17084 21131-17086 Moderate 21198-17084 Moderate 21283-17084 Moderate 21131-17086 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21198-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21283-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21131-17086 CBL-Mariner Releases 21198-17084 21283-17084 21131-17086 No Security Update 0.6.24-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21198-17084 21283-17084 21131-17086 CBL-Mariner Releases 1.0 2026-04-14T01:01:20 <p>Information published.</p> 4.0 2026-04-15T14:45:23 <p>Information published.</p> 5.0 2026-04-29T14:54:15 <p>Information published.</p> 2.0 2026-04-14T14:48:00 <p>Information published.</p> 3.0 2026-04-15T01:01:34 <p>Information published.</p> net/x25: Fix overflow when accumulating packets Mariner Linux Yes CVE-2026-31417 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-18T14:39:51 <p>Information published.</p> 3.0 2026-04-29T14:55:26 <p>Information published.</p> 1.0 2026-04-14T01:01:54 <p>Information published.</p> net/sched: cls_flow: fix NULL pointer dereference on shared blocks Mariner Linux Yes CVE-2026-31422 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:55:40 <p>Information published.</p> 1.0 2026-04-14T01:01:59 <p>Information published.</p> 2.0 2026-04-18T14:39:57 <p>Information published.</p> netfilter: nf_conntrack_expect: use expect->helper Mariner Linux Yes CVE-2026-31414 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:02:05 <p>Information published.</p> 2.0 2026-04-18T14:40:04 <p>Information published.</p> 3.0 2026-04-29T14:55:55 <p>Information published.</p> ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() Mariner Linux Yes CVE-2026-31426 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-14T01:02:16 <p>Information published.</p> 2.0 2026-04-18T14:40:18 <p>Information published.</p> 3.0 2026-04-29T14:56:24 <p>Information published.</p> bridge: mrp: reject zero test interval to avoid OOM panic Mariner Linux Yes CVE-2026-31420 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 2.0 2026-04-29T14:56:49 <p>Information published.</p> 1.0 2026-04-14T01:02:27 <p>Information published.</p> 3.0 2026-04-30T01:53:33 <p>Information published.</p> OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS Mariner wolfSSL Yes CVE-2026-5393 Out-of-bounds Read 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:02:08 <p>Information published.</p> 2.0 2026-04-30T01:53:42 <p>Information published.</p> Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass Mariner wolfSSL Yes CVE-2026-5500 Improper Input Validation 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:02:16 <p>Information published.</p> PKCS7 CBC Padding Oracle — Plaintext Recovery Mariner wolfSSL Yes CVE-2026-5504 Improper Validation of Integrity Check Value 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:02:25 <p>Information published.</p> 2.0 2026-04-30T01:53:50 <p>Information published.</p> Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates Mariner wolfSSL Yes CVE-2026-5501 Improper Certificate Validation 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:02:42 <p>Information published.</p> Session Cache Restore — Arbitrary Free via Deserialized Pointer Mariner wolfSSL Yes CVE-2026-5507 Deserialization of Untrusted Data 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:02:51 <p>Information published.</p> 2.0 2026-04-30T01:53:59 <p>Information published.</p> Prefix-substitution forgery via integer overflow in wolfCrypt CMAC Mariner wolfSSL Yes CVE-2026-5477 Integer Overflow or Wraparound 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:03:08 <p>Information published.</p> wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag Mariner wolfSSL Yes CVE-2026-5479 Improper Validation of Integrity Check Value 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:03:16 <p>Information published.</p> out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName Mariner wolfSSL Yes CVE-2026-5503 Out-of-bounds Write 21054-17084 21143-17086 21054-17084 21143-17086 Moderate 21054-17084 Moderate 21143-17086 1.0 2026-04-15T01:03:24 <p>Information published.</p> 2.0 2026-04-30T01:54:08 <p>Information published.</p> Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID Mariner wolfSSL Yes CVE-2026-5295 Stack-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:03:41 <p>Information published.</p> 2.0 2026-04-30T01:54:16 <p>Information published.</p> Integer underflow in X.509 SAN parsing in wolfSSL Mariner wolfSSL Yes CVE-2026-5188 Integer Underflow (Wrap or Wraparound) 21054-17084 21143-17086 21054-17084 21143-17086 Low 21054-17084 Low 21143-17086 1.0 2026-04-15T01:03:50 <p>Information published.</p> 2.0 2026-04-30T01:54:25 <p>Information published.</p> Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier Mariner wolfSSL Yes CVE-2026-5447 Heap-based Buffer Overflow 21054-17084 21143-17086 21054-17084 21143-17086 Moderate 21054-17084 Moderate 21143-17086 1.0 2026-04-15T01:04:06 <p>Information published.</p> 2.0 2026-04-30T01:38:49 <p>Information published.</p> MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation Mariner wolfSSL Yes CVE-2026-5772 Buffer Over-read 21054-17084 21143-17086 21054-17084 21143-17086 Low 21054-17084 Low 21143-17086 1.0 2026-04-15T01:04:15 <p>Information published.</p> 2.0 2026-04-30T01:39:09 <p>Information published.</p> URI nameConstraints not enforced in ConfirmNameConstraints() Mariner wolfSSL Yes CVE-2026-5263 Improper Certificate Validation 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:04:31 <p>Information published.</p> wolfSSL heap OOB read in PKCS7 SignedData streaming Mariner wolfSSL Yes CVE-2026-5392 Out-of-bounds Read 21143-17086 21054-17084 21143-17086 21054-17084 Low 21143-17086 Low 21054-17084 1.0 2026-04-15T01:04:39 <p>Information published.</p> 2.0 2026-04-30T01:41:19 <p>Information published.</p> 3.0 2026-04-30T14:38:10 <p>Information published.</p> HTTP client proxy tunnel headers not validated for CR/LF Mariner PSF Yes CVE-2026-1502 20937-17086 21021-17084 21100-17084 20937-17086 21021-17084 21100-17084 Moderate 20937-17086 Moderate 21021-17084 Moderate 21100-17084 CBL-Mariner Releases 21100-17084 No Security Update 3.12.9-11 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21100-17084 CBL-Mariner Releases 1.0 2026-04-15T01:04:59 <p>Information published.</p> 2.0 2026-04-30T01:40:12 <p>Information published.</p> 3.0 2026-05-26T01:41:55 <p>Information published.</p> Discount has an Out-of-bounds Read in rdiscount Mariner GitHub_M Yes CVE-2026-35201 Out-of-bounds Read 21089-17086 21088-17084 21089-17086 21088-17084 Moderate 21089-17086 Moderate 21088-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21089-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21088-17084 CBL-Mariner Releases 21089-17086 No Security Update 2.2.0.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21089-17086 CBL-Mariner Releases CBL-Mariner Releases 21088-17084 No Security Update 2.2.7.4-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21088-17084 CBL-Mariner Releases 1.0 2026-04-15T01:05:07 <p>Information published.</p> 3.0 2026-04-17T01:40:21 <p>Information published.</p> 2.0 2026-04-15T14:46:03 <p>Information published.</p> Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout Mariner apache Yes CVE-2026-34481 Improper Encoding or Escaping of Output 21194-17084 21194-17084 Low 21194-17084 1.0 2026-04-15T01:05:12 <p>Information published.</p> 1.1 2026-04-17T14:39:37 <p>Information published.</p> 2.0 2026-04-30T01:40:26 <p>Information published.</p> Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters Mariner apache Yes CVE-2026-34479 Improper Encoding or Escaping of Output 21194-17084 21194-17084 Low 21194-17084 1.0 2026-04-15T01:05:18 <p>Information published.</p> 1.1 2026-04-17T14:39:42 <p>Information published.</p> 2.0 2026-04-30T01:40:38 <p>Information published.</p> Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters Mariner apache Yes CVE-2026-34480 Improper Encoding or Escaping of Output 21194-17084 21194-17084 Moderate 21194-17084 1.0 2026-04-15T01:05:23 <p>Information published.</p> 2.0 2026-04-30T01:40:51 <p>Information published.</p> Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain Mariner GitHub_M Yes CVE-2026-40175 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') 19693-17084 19693-17084 Critical 19693-17084 10.0 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 19693-17084 1.0 2026-04-15T01:05:29 <p>Information published.</p> Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF Mariner GitHub_M Yes CVE-2025-62718 Unintended Proxy or Intermediary ('Confused Deputy') 19693-17084 19693-17084 Critical 19693-17084 1.0 2026-04-15T01:05:34 <p>Information published.</p> jq: Integer overflow in jvp_string_append() allows Heap-based Buffer Overflow Mariner GitHub_M Yes CVE-2026-32316 Heap-based Buffer Overflow 20607-17086 19612-17084 20607-17086 19612-17084 Important 20607-17086 Important 19612-17084 8.2 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 20607-17086 8.2 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 19612-17084 CBL-Mariner Releases 20607-17086 No Security Update 1.6-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20607-17086 CBL-Mariner Releases CBL-Mariner Releases 19612-17084 No Security Update 1.7.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19612-17084 CBL-Mariner Releases 1.0 2026-04-17T01:01:17 <p>Information published.</p> 2.0 2026-04-18T14:40:46 <p>Information published.</p> 3.0 2026-04-24T14:39:51 <p>Information published.</p> jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted() Mariner GitHub_M Yes CVE-2026-33947 Uncontrolled Recursion 20607-17086 19612-17084 20607-17086 19612-17084 Moderate 20607-17086 Moderate 19612-17084 6.2 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20607-17086 6.2 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19612-17084 CBL-Mariner Releases 20607-17086 No Security Update 1.6-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20607-17086 CBL-Mariner Releases CBL-Mariner Releases 19612-17084 No Security Update 1.7.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19612-17084 CBL-Mariner Releases 1.0 2026-04-17T01:01:26 <p>Information published.</p> 2.0 2026-04-18T14:40:53 <p>Information published.</p> 3.0 2026-04-24T14:39:58 <p>Information published.</p> jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers Mariner GitHub_M Yes CVE-2026-39979 Out-of-bounds Read 20607-17086 19612-17084 20607-17086 19612-17084 Moderate 20607-17086 Moderate 19612-17084 CBL-Mariner Releases 20607-17086 No Security Update 1.6-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20607-17086 CBL-Mariner Releases CBL-Mariner Releases 19612-17084 No Security Update 1.7.1-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19612-17084 CBL-Mariner Releases 1.0 2026-04-17T01:01:42 <p>Information published.</p> 2.0 2026-04-18T14:41:07 <p>Information published.</p> 3.0 2026-04-24T14:40:12 <p>Information published.</p> In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable. Mariner mitre Yes CVE-2026-41035 Improper Handling of Length Parameter Inconsistency 20732-17084 20706-17086 20732-17084 20706-17086 Important 20732-17084 Important 20706-17086 7.4 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 20732-17084 7.4 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 20706-17086 CBL-Mariner Releases 20732-17084 No Security Update 3.4.3-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20732-17084 CBL-Mariner Releases 1.0 2026-04-17T01:02:04 <p>Information published.</p> 3.0 2026-05-23T01:39:39 <p>Information published.</p> 2.0 2026-04-18T01:01:55 <p>Information published.</p> SymCrypt SymCryptXmssSign function - Heap overflow via 64->32-bit leaf-count truncation Mariner GitHub_M Yes CVE-2026-35199 Heap-based Buffer Overflow 21216-17084 21216-17084 Moderate 21216-17084 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 21216-17084 1.0 2026-04-17T01:02:11 <p>Information published.</p> Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows Mariner redhat Yes CVE-2025-14821 Uncontrolled Search Path Element 20695-17086 21209-17084 20695-17086 21209-17084 Important 20695-17086 Important 21209-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 20695-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21209-17084 1.0 2026-04-17T01:02:27 <p>Information published.</p> 2.0 2026-04-22T01:46:10 <p>Information published.</p> Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer Mariner GitHub_M Yes CVE-2026-40179 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 21009-17086 21009-17086 Moderate 21009-17086 1.0 2026-04-17T01:02:33 <p>Information published.</p> @adonisjs/http-server has an Open Redirect vulnerability Mariner GitHub_M Yes CVE-2026-40255 URL Redirection to Untrusted Site ('Open Redirect') 21220-17084 21220-17084 Moderate 21220-17084 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 21220-17084 1.0 2026-04-18T01:01:32 <p>Information published.</p> Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check (IsDangerousURL) before resolving HTML entities. This allows an attacker to bypass protocol filtering by encoding dangerous schemes using HTML5 named character references. For example, a payload such as javascript&colon;alert(1) is not recognized as dangerous during validation, leading to arbitrary script execution in the context of applications that render the URL. Mariner snyk Yes CVE-2026-5160 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 21224-17086 21127-17084 21278-17084 21258-17084 20997-17084 21126-17086 21224-17086 21127-17084 21278-17084 21258-17084 20997-17084 21126-17086 Moderate 21224-17086 Moderate 21127-17084 Moderate 21278-17084 Moderate 21258-17084 Moderate 20997-17084 Moderate 21126-17086 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 21224-17086 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 21127-17084 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 21278-17084 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 21258-17084 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 20997-17084 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 21126-17086 CBL-Mariner Releases 21127-17084 21258-17084 No Security Update 1.31.0-19 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21127-17084 21258-17084 CBL-Mariner Releases CBL-Mariner Releases 21278-17084 20997-17084 No Security Update 2.62.0-15 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21278-17084 20997-17084 CBL-Mariner Releases 1.0 2026-04-19T01:01:39 <p>Information published.</p> 3.0 2026-04-22T14:39:10 <p>Information published.</p> 4.0 2026-04-23T01:38:56 <p>Information published.</p> 2.0 2026-04-20T14:39:30 <p>Information published.</p> 5.0 2026-04-29T14:58:47 <p>Information published.</p> Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure Mariner PSF Yes CVE-2026-6100 Use After Free 21100-17084 21100-17084 Important 21100-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21100-17084 1.0 2026-04-19T01:01:45 <p>Information published.</p> 2.0 2026-04-20T14:39:35 <p>Information published.</p> Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() Mariner PSF Yes CVE-2026-4786 Improper Neutralization of Special Elements used in a Command ('Command Injection') 21100-17084 21021-17084 21100-17084 21021-17084 Important 21100-17084 Important 21021-17084 3.0 2026-04-22T01:37:33 <p>Information published.</p> 1.0 2026-04-19T01:01:53 <p>Information published.</p> 2.0 2026-04-20T14:39:43 <p>Information published.</p> Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. Mariner mitre Yes CVE-2026-41254 Incorrect Behavior Order 21287-17084 21225-17086 21226-17084 21287-17084 21225-17086 21226-17084 Moderate 21287-17084 Moderate 21225-17086 Moderate 21226-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21287-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21225-17086 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21226-17084 CBL-Mariner Releases 21287-17084 21226-17084 No Security Update 2.15-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21287-17084 21226-17084 CBL-Mariner Releases 2.0 2026-04-29T01:41:27 <p>Information published.</p> 1.0 2026-04-21T01:01:24 <p>Information published.</p> 3.0 2026-04-29T14:59:03 <p>Information published.</p> Static buffer overflow in deprecated nis_local_principal Mariner glibc Yes CVE-2026-5358 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 21140-17084 20935-17086 21140-17084 20935-17086 Moderate 21140-17084 Moderate 20935-17086 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 21140-17084 4.3 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 20935-17086 1.0 2026-04-22T01:01:24 <p>Information published.</p> 2.0 2026-04-23T01:01:23 <p>Information published.</p> scanf %mc off-by-one heap buffer overflow Mariner glibc Yes CVE-2026-5450 Heap-based Buffer Overflow 21140-17084 20935-17086 21140-17084 20935-17086 Low 21140-17084 Critical 20935-17086 3.1 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L 21140-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20935-17086 2.0 2026-04-25T01:04:16 <p>Information published.</p> 1.0 2026-04-22T01:01:30 <p>Information published.</p> X.509: Fix out-of-bounds access when parsing extensions Mariner Linux Yes CVE-2026-31430 21094-17084 21248-17084 21094-17084 21248-17084 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-29T14:59:13 <p>Information published.</p> 1.0 2026-04-22T01:01:36 <p>Information published.</p> 3.0 2026-05-01T14:38:42 <p>Information published.</p> net: skb: fix cross-cache free of KFENCE-allocated skb head Mariner Linux Yes CVE-2026-31429 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21248-17084 2.0 2026-04-29T14:59:24 <p>Information published.</p> 1.0 2026-04-22T01:01:41 <p>Information published.</p> 3.0 2026-04-30T01:41:58 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34278 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 1.0 2026-04-23T01:01:34 <p>Information published.</p> 2.0 2026-04-24T01:04:02 <p>Information published.</p> 3.0 2026-04-24T14:40:47 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-21998 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 1.0 2026-04-23T01:01:45 <p>Information published.</p> 2.0 2026-04-24T01:03:00 <p>Information published.</p> 3.0 2026-04-24T14:41:09 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-35237 Improper Access Control 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 2.0 2026-04-24T01:04:33 <p>Information published.</p> 1.0 2026-04-23T01:01:51 <p>Information published.</p> 3.0 2026-04-24T14:41:20 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-22009 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 1.0 2026-04-23T01:01:56 <p>Information published.</p> 2.0 2026-04-24T01:03:26 <p>Information published.</p> 3.0 2026-04-24T14:41:31 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34270 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:02:02 <p>Information published.</p> 2.0 2026-04-24T01:03:47 <p>Information published.</p> 3.0 2026-04-24T14:41:42 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34293 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 1.0 2026-04-23T01:02:07 <p>Information published.</p> 2.0 2026-04-24T01:04:07 <p>Information published.</p> 3.0 2026-04-24T14:41:53 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-22002 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 2.0 2026-04-24T01:03:11 <p>Information published.</p> 3.0 2026-04-24T14:42:15 <p>Information published.</p> 1.0 2026-04-23T01:02:18 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-22017 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 3.0 2026-04-24T14:42:26 <p>Information published.</p> 1.0 2026-04-23T01:02:24 <p>Information published.</p> 2.0 2026-04-24T01:03:37 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34303 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:02:40 <p>Information published.</p> 2.0 2026-04-24T01:04:12 <p>Information published.</p> 3.0 2026-04-24T14:42:59 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34308 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 1.0 2026-04-23T01:02:46 <p>Information published.</p> 2.0 2026-04-24T01:04:23 <p>Information published.</p> 3.0 2026-04-24T14:43:14 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34304 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:02:51 <p>Information published.</p> 2.0 2026-04-24T01:04:18 <p>Information published.</p> 3.0 2026-04-24T14:43:25 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34276 Uncontrolled Resource Consumption 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21156-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 2.0 2026-04-24T01:03:57 <p>Information published.</p> 1.0 2026-04-23T01:02:57 <p>Information published.</p> 3.0 2026-04-24T14:43:36 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-22004 Uncontrolled Resource Consumption 21155-17086 21156-17084 21155-17086 21156-17084 Moderate 21155-17086 Moderate 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 CBL-Mariner Releases 21155-17086 21156-17084 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21155-17086 21156-17084 CBL-Mariner Releases 1.0 2026-04-23T01:03:08 <p>Information published.</p> 2.0 2026-04-24T01:03:16 <p>Information published.</p> 3.0 2026-04-24T14:43:58 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). Mariner oracle Yes CVE-2026-22001 Exposure of Sensitive Information to an Unauthorized Actor 21156-17084 21155-17086 21156-17084 21155-17086 Low 21156-17084 Low 21155-17086 2.7 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 21156-17084 2.7 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:03:03 <p>Information published.</p> 3.0 2026-04-24T14:43:47 <p>Information published.</p> 2.0 2026-04-24T01:03:06 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-35240 Improper Access Control 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:03:19 <p>Information published.</p> 2.0 2026-04-24T01:04:48 <p>Information published.</p> 3.0 2026-04-24T14:44:20 <p>Information published.</p> Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-35236 Improper Access Control 21156-17084 21155-17086 21156-17084 21155-17086 Moderate 21156-17084 Moderate 21155-17086 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21156-17084 4.9 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21155-17086 CBL-Mariner Releases 21156-17084 21155-17086 No Security Update 8.0.46-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21156-17084 21155-17086 CBL-Mariner Releases 1.0 2026-04-23T01:03:25 <p>Information published.</p> 2.0 2026-04-24T01:04:28 <p>Information published.</p> 3.0 2026-04-24T14:44:31 <p>Information published.</p> In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path (stat, readdir, open) when processing a security descriptor with multiple ACCESS_DENIED ACEs containing WRITE_OWNER from distinct group SIDs. Mariner mitre Yes CVE-2026-40706 Heap-based Buffer Overflow 18117-17084 20129-17086 18117-17084 20129-17086 Important 18117-17084 Important 20129-17086 8.4 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 18117-17084 8.4 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20129-17086 CBL-Mariner Releases 18117-17084 20129-17086 No Security Update 2022.10.3-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 18117-17084 20129-17086 CBL-Mariner Releases 1.0 2026-04-23T01:03:37 <p>Information published.</p> 2.0 2026-04-24T01:04:53 <p>Information published.</p> 3.0 2026-04-24T14:45:04 <p>Information published.</p> pip doesn't reject concatenated ZIP and tar archives Mariner PSF Yes CVE-2026-3219 20965-17084 21144-17084 21100-17084 21139-17086 21021-17084 20937-17086 20965-17084 21144-17084 21100-17084 21139-17086 21021-17084 20937-17086 Moderate 20965-17084 Moderate 21144-17084 Moderate 21100-17084 Moderate 21139-17086 Moderate 21021-17084 Moderate 20937-17086 CBL-Mariner Releases 20965-17084 No Security Update 24.2-7 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20965-17084 CBL-Mariner Releases CBL-Mariner Releases 21144-17084 No Security Update 20.36.1-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21144-17084 CBL-Mariner Releases 4.0 2026-05-11T14:40:21 <p>Information published.</p> 5.0 2026-05-19T01:39:29 <p>Information published.</p> 1.0 2026-04-23T01:03:56 <p>Information published.</p> 2.0 2026-04-30T01:49:55 <p>Information published.</p> 3.0 2026-05-08T01:40:39 <p>Information published.</p> github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer Mariner GitHub_M Yes CVE-2026-40890 Out-of-bounds Read 21187-17086 21187-17086 Important 21187-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21187-17086 CBL-Mariner Releases 21187-17086 No Security Update 1.22.3-21 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21187-17086 CBL-Mariner Releases 1.0 2026-04-23T01:04:01 <p>Information published.</p> 2.0 2026-04-24T14:44:48 <p>Information published.</p> HID: asus: avoid memory leak in asus_report_fixup() Mariner Linux Yes CVE-2026-31524 21093-17086 21094-17084 21093-17086 21094-17084 Moderate 21093-17086 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:04:07 <p>Information published.</p> 2.0 2026-04-23T14:42:09 <p>Information published.</p> 3.0 2026-04-29T14:59:44 <p>Information published.</p> 4.0 2026-04-30T01:04:37 <p>Information published.</p> hwmon: (pmbus/core) Protect regulator operations with mutex Mariner Linux Yes CVE-2026-31486 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 Moderate 21248-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21308-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 3.0 2026-04-29T14:59:51 <p>Information published.</p> 6.0 2026-05-11T01:49:08 <p>Information published.</p> 1.0 2026-04-23T01:04:13 <p>Information published.</p> 2.0 2026-04-23T14:42:15 <p>Information published.</p> 4.0 2026-04-30T01:04:52 <p>Information published.</p> 5.0 2026-05-06T14:52:27 <p>Information published.</p> 7.0 2026-05-17T14:50:14 <p>Information published.</p> spi: use generic driver_override infrastructure Mariner Linux Yes CVE-2026-31487 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 Important 21248-17084 Important 21332-17084 Important 21094-17084 Moderate 21093-17086 Important 21308-17084 Moderate 21344-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21332-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-23T01:04:18 <p>Information published.</p> 3.0 2026-04-29T14:59:58 <p>Information published.</p> 4.0 2026-04-30T01:05:08 <p>Information published.</p> 7.1 2026-05-22T01:39:00 <p>Information published.</p> 2.0 2026-04-23T14:42:20 <p>Information published.</p> 5.0 2026-05-06T14:52:35 <p>Information published.</p> 6.0 2026-05-11T01:49:16 <p>Information published.</p> 7.0 2026-05-17T14:50:22 <p>Information published.</p> netfilter: nf_conntrack_expect: skip expectations in other netns via proc Mariner Linux Yes CVE-2026-31496 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:00:08 <p>Information published.</p> 1.0 2026-04-23T01:04:24 <p>Information published.</p> 2.0 2026-04-23T14:42:25 <p>Information published.</p> 4.0 2026-04-30T01:05:23 <p>Information published.</p> af_key: validate families in pfkey_send_migrate() Mariner Linux Yes CVE-2026-31515 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:00:17 <p>Information published.</p> 1.0 2026-04-23T01:04:29 <p>Information published.</p> 2.0 2026-04-23T14:42:30 <p>Information published.</p> 4.0 2026-04-30T01:05:39 <p>Information published.</p> xfrm: prevent policy_hthresh.work from racing with netns teardown Mariner Linux Yes CVE-2026-31516 21094-17084 21308-17084 21248-17084 21093-17086 21332-17084 21344-17084 21094-17084 21308-17084 21248-17084 21093-17086 21332-17084 21344-17084 Important 21094-17084 Important 21308-17084 Important 21248-17084 Important 21093-17086 Important 21332-17084 Moderate 21344-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21308-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21332-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21344-17084 1.0 2026-04-23T01:04:52 <p>Information published.</p> 6.0 2026-05-11T01:49:25 <p>Information published.</p> 7.1 2026-05-22T01:39:09 <p>Information published.</p> 2.0 2026-04-23T14:42:50 <p>Information published.</p> 3.0 2026-04-29T15:00:53 <p>Information published.</p> 4.0 2026-04-30T01:06:15 <p>Information published.</p> 5.0 2026-05-06T14:52:42 <p>Information published.</p> 7.0 2026-05-17T14:50:30 <p>Information published.</p> drm/amd/display: Do not skip unrelated mode changes in DSC validation Mariner Linux Yes CVE-2026-31488 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H 21248-17084 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H 21308-17084 6.3 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H 21332-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21344-17084 3.0 2026-04-29T15:00:59 <p>Information published.</p> 5.0 2026-05-11T01:49:33 <p>Information published.</p> 6.1 2026-05-22T01:39:18 <p>Information published.</p> 1.0 2026-04-23T01:04:57 <p>Information published.</p> 2.0 2026-04-23T14:42:55 <p>Information published.</p> 4.0 2026-05-06T14:52:49 <p>Information published.</p> 6.0 2026-05-17T14:50:39 <p>Information published.</p> driver core: platform: use generic driver_override infrastructure Mariner Linux Yes CVE-2026-31527 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Important 21094-17084 Important 21248-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 1.0 2026-04-23T01:05:03 <p>Information published.</p> 2.0 2026-04-23T14:43:00 <p>Information published.</p> 3.0 2026-04-29T15:01:07 <p>Information published.</p> 4.0 2026-04-30T01:06:35 <p>Information published.</p> 5.0 2026-04-30T01:43:00 <p>Information published.</p> net: bcmasp: fix double free of WoL irq Mariner Linux Yes CVE-2026-31506 21248-17084 21332-17084 21094-17084 21308-17084 21344-17084 21248-17084 21332-17084 21094-17084 21308-17084 21344-17084 Important 21248-17084 Important 21332-17084 Important 21094-17084 Important 21308-17084 Moderate 21344-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21332-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21308-17084 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 21344-17084 3.0 2026-04-29T15:01:13 <p>Information published.</p> 1.0 2026-04-23T01:05:08 <p>Information published.</p> 2.0 2026-04-23T14:43:05 <p>Information published.</p> 4.0 2026-05-06T14:52:57 <p>Information published.</p> 5.0 2026-05-11T01:49:41 <p>Information published.</p> 6.0 2026-05-17T14:50:47 <p>Information published.</p> 6.1 2026-05-22T01:39:27 <p>Information published.</p> mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0] Mariner Linux Yes CVE-2026-31458 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:01:29 <p>Information published.</p> 1.0 2026-04-23T01:05:19 <p>Information published.</p> 2.0 2026-04-23T14:43:16 <p>Information published.</p> net: fix fanout UAF in packet_release() via NETDEV_UP race Mariner Linux Yes CVE-2026-31504 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:01:36 <p>Information published.</p> 4.0 2026-04-30T01:07:11 <p>Information published.</p> 1.0 2026-04-23T01:05:25 <p>Information published.</p> 2.0 2026-04-23T14:43:21 <p>Information published.</p> drm/amdgpu: prevent immediate PASID reuse case Mariner Linux Yes CVE-2026-31462 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 3.0 2026-04-29T15:01:42 <p>Information published.</p> 5.0 2026-05-11T01:49:50 <p>Information published.</p> 1.0 2026-04-23T01:05:30 <p>Information published.</p> 2.0 2026-04-23T14:43:26 <p>Information published.</p> 4.0 2026-05-06T14:37:42 <p>Information published.</p> 6.0 2026-05-17T14:50:55 <p>Information published.</p> nvme-pci: ensure we're polling a polled queue Mariner Linux Yes CVE-2026-31523 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:05:36 <p>Information published.</p> 2.0 2026-04-23T14:43:31 <p>Information published.</p> 3.0 2026-04-29T15:01:50 <p>Information published.</p> 4.0 2026-04-30T01:07:37 <p>Information published.</p> Bluetooth: btusb: clamp SCO altsetting table indices Mariner Linux Yes CVE-2026-31497 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T15:01:57 <p>Information published.</p> 4.0 2026-04-30T01:07:53 <p>Information published.</p> 1.0 2026-04-23T01:05:41 <p>Information published.</p> 2.0 2026-04-23T14:43:36 <p>Information published.</p> dmaengine: idxd: Fix leaking event log memory Mariner Linux Yes CVE-2026-31440 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-23T01:05:47 <p>Information published.</p> 4.0 2026-05-06T14:37:52 <p>Information published.</p> 5.0 2026-05-11T01:49:59 <p>Information published.</p> 7.0 2026-05-22T01:39:40 <p>Information published.</p> 2.0 2026-04-23T14:43:41 <p>Information published.</p> 3.0 2026-04-29T15:02:03 <p>Information published.</p> 6.0 2026-05-17T14:51:03 <p>Information published.</p> iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() Mariner Linux Yes CVE-2026-31505 21248-17084 21332-17084 21094-17084 21308-17084 21344-17084 21248-17084 21332-17084 21094-17084 21308-17084 21344-17084 Important 21248-17084 Important 21332-17084 Important 21094-17084 Important 21308-17084 Moderate 21344-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21248-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21332-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21308-17084 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 21344-17084 3.0 2026-04-29T15:02:09 <p>Information published.</p> 4.0 2026-05-06T14:38:01 <p>Information published.</p> 6.1 2026-05-22T01:39:49 <p>Information published.</p> 1.0 2026-04-23T01:05:52 <p>Information published.</p> 2.0 2026-04-23T14:43:46 <p>Information published.</p> 5.0 2026-05-11T01:50:07 <p>Information published.</p> 6.0 2026-05-17T14:51:11 <p>Information published.</p> crypto: algif_aead - Revert to operating out-of-place Mariner Linux Yes CVE-2026-31431 21094-17084 21248-17084 21093-17086 21300-17084 21094-17084 21248-17084 21093-17086 21300-17084 Moderate 21094-17084 Important 21248-17084 Important 21093-17086 Important 21300-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21300-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases CBL-Mariner Releases 21300-17084 No Security Update 6.12.85.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21300-17084 CBL-Mariner Releases 3.0 2026-04-29T15:02:16 <p>Information published.</p> 5.0 2026-05-03T01:01:37 <p>Information published.</p> 6.0 2026-05-04T14:38:46 <p>Information published.</p> 7.0 2026-05-05T01:03:40 <p>Information published.</p> 7.1 2026-05-05T14:41:54 <p>Information published.</p> 1.0 2026-04-23T01:05:58 <p>Information published.</p> 2.0 2026-04-23T14:36:58 <p>Information published.</p> 3.1 2026-04-30T14:38:18 <p>Information published.</p> 4.0 2026-05-01T14:38:48 <p>Information published.</p> spi: meson-spicc: Fix double-put in remove path Mariner Linux Yes CVE-2026-31489 21094-17084 21248-17084 21093-17086 21308-17084 21332-17084 21344-17084 21094-17084 21248-17084 21093-17086 21308-17084 21332-17084 21344-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-23T01:06:14 <p>Information published.</p> 3.0 2026-04-29T14:38:31 <p>Information published.</p> 5.0 2026-05-06T14:38:09 <p>Information published.</p> 6.0 2026-05-11T01:50:15 <p>Information published.</p> 2.0 2026-04-23T14:37:19 <p>Information published.</p> 4.0 2026-04-30T01:08:29 <p>Information published.</p> 7.0 2026-05-17T14:51:20 <p>Information published.</p> virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false Mariner Linux Yes CVE-2026-31469 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:06:25 <p>Information published.</p> 2.0 2026-04-23T14:37:30 <p>Information published.</p> 3.0 2026-04-29T14:39:02 <p>Information published.</p> Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb Mariner Linux Yes CVE-2026-31510 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:06:31 <p>Information published.</p> 3.0 2026-04-29T14:39:18 <p>Information published.</p> 2.0 2026-04-23T14:37:35 <p>Information published.</p> 4.0 2026-04-30T01:08:58 <p>Information published.</p> ext4: validate p_idx bounds in ext4_ext_correct_indexes Mariner Linux Yes CVE-2026-31449 21248-17084 21308-17084 21332-17084 21094-17084 21344-17084 21248-17084 21308-17084 21332-17084 21094-17084 21344-17084 Important 21248-17084 Important 21308-17084 Important 21332-17084 Important 21094-17084 Moderate 21344-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21248-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21308-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21332-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 6.1 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H 21344-17084 2.0 2026-04-23T14:37:47 <p>Information published.</p> 4.0 2026-05-06T14:38:18 <p>Information published.</p> 6.1 2026-05-22T01:40:02 <p>Information published.</p> 1.0 2026-04-23T01:06:42 <p>Information published.</p> 3.0 2026-04-29T14:39:46 <p>Information published.</p> 5.0 2026-05-11T01:50:24 <p>Information published.</p> 6.0 2026-05-17T14:51:28 <p>Information published.</p> s390/entry: Scrub r12 register on kernel entry Mariner Linux Yes CVE-2026-31482 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:06:47 <p>Information published.</p> 2.0 2026-04-23T14:37:53 <p>Information published.</p> 3.0 2026-04-29T14:40:02 <p>Information published.</p> 4.0 2026-04-30T01:44:39 <p>Information published.</p> esp: fix skb leak with espintcp and async crypto Mariner Linux Yes CVE-2026-31518 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:40:18 <p>Information published.</p> 1.0 2026-04-23T01:06:53 <p>Information published.</p> 2.0 2026-04-23T14:37:58 <p>Information published.</p> 4.0 2026-04-30T01:09:33 <p>Information published.</p> ext4: fix use-after-free in update_super_work when racing with umount Mariner Linux Yes CVE-2026-31446 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:06:58 <p>Information published.</p> 2.0 2026-04-23T14:38:04 <p>Information published.</p> 3.0 2026-04-29T14:40:33 <p>Information published.</p> HID: apple: avoid memory leak in apple_report_fixup() Mariner Linux Yes CVE-2026-31520 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:40:47 <p>Information published.</p> 1.0 2026-04-23T01:07:04 <p>Information published.</p> 2.0 2026-04-23T14:38:10 <p>Information published.</p> btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create Mariner Linux Yes CVE-2026-31519 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-23T14:38:27 <p>Information published.</p> 3.0 2026-04-29T14:41:28 <p>Information published.</p> 1.0 2026-04-23T01:07:21 <p>Information published.</p> 4.0 2026-04-30T01:10:13 <p>Information published.</p> ksmbd: fix potencial OOB in get_file_all_info() for compound requests Mariner Linux Yes CVE-2026-31433 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:41:43 <p>Information published.</p> 1.0 2026-04-23T01:07:26 <p>Information published.</p> 2.0 2026-04-23T14:38:32 <p>Information published.</p> 4.0 2026-04-30T01:45:42 <p>Information published.</p> spi: spi-fsl-lpspi: fix teardown order issue (UAF) Mariner Linux Yes CVE-2026-31485 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:41:59 <p>Information published.</p> 1.0 2026-04-23T01:07:32 <p>Information published.</p> 2.0 2026-04-23T14:38:38 <p>Information published.</p> 4.0 2026-04-30T01:10:31 <p>Information published.</p> s390/syscalls: Add spectre boundary for syscall dispatch table Mariner Linux Yes CVE-2026-31483 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-24T01:37:53 <p>Information published.</p> 3.0 2026-04-29T14:42:32 <p>Information published.</p> 4.0 2026-04-30T01:10:57 <p>Information published.</p> 1.0 2026-04-23T01:07:43 <p>Information published.</p> 1.1 2026-04-23T14:38:49 <p>Information published.</p> net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer Mariner Linux Yes CVE-2026-31507 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:43:09 <p>Information published.</p> 1.0 2026-04-23T01:07:54 <p>Information published.</p> 1.1 2026-04-23T14:39:00 <p>Information published.</p> 2.0 2026-04-24T01:38:04 <p>Information published.</p> 4.0 2026-04-30T01:11:14 <p>Information published.</p> Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock Mariner Linux Yes CVE-2026-31500 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Important 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:08:05 <p>Information published.</p> 2.0 2026-04-24T01:38:12 <p>Information published.</p> 3.0 2026-04-29T14:43:41 <p>Information published.</p> 1.1 2026-04-23T14:39:12 <p>Information published.</p> 4.0 2026-04-30T01:11:31 <p>Information published.</p> ext4: reject mount if bigalloc with s_first_data_block != 0 Mariner Linux Yes CVE-2026-31447 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:08:10 <p>Information published.</p> 3.0 2026-04-29T14:43:57 <p>Information published.</p> 2.0 2026-04-23T14:39:19 <p>Information published.</p> ksmbd: fix use-after-free and NULL deref in smb_grant_oplock() Mariner Linux Yes CVE-2026-31444 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:08:16 <p>Information published.</p> 2.0 2026-04-23T14:39:24 <p>Information published.</p> 3.0 2026-04-29T14:44:13 <p>Information published.</p> HID: magicmouse: avoid memory leak in magicmouse_report_fixup() Mariner Linux Yes CVE-2026-31522 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:08:21 <p>Information published.</p> 3.0 2026-04-29T14:44:29 <p>Information published.</p> 2.0 2026-04-23T14:39:30 <p>Information published.</p> 4.0 2026-04-30T01:11:54 <p>Information published.</p> ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() Mariner Linux Yes CVE-2026-31478 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Critical 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-24T01:38:26 <p>Information published.</p> 3.0 2026-04-29T01:01:58 <p>Information published.</p> 4.0 2026-04-29T14:44:45 <p>Information published.</p> 1.0 2026-04-23T01:08:27 <p>Information published.</p> 1.1 2026-04-23T14:39:36 <p>Information published.</p> 5.0 2026-04-30T01:46:36 <p>Information published.</p> 6.0 2026-05-01T01:39:24 <p>Information published.</p> nfc: nci: fix circular locking dependency in nci_close_device Mariner Linux Yes CVE-2026-31509 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-23T14:39:47 <p>Information published.</p> 3.0 2026-04-29T14:45:16 <p>Information published.</p> 4.0 2026-04-30T01:12:16 <p>Information published.</p> 1.0 2026-04-23T01:08:38 <p>Information published.</p> ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio Mariner Linux Yes CVE-2026-31451 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:45:32 <p>Information published.</p> 1.0 2026-04-23T01:08:44 <p>Information published.</p> 2.0 2026-04-23T14:39:52 <p>Information published.</p> perf: Make sure to use pmu_ctx->pmu for groups Mariner Linux Yes CVE-2026-31528 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-24T01:38:45 <p>Information published.</p> 3.0 2026-04-29T14:45:59 <p>Information published.</p> 1.0 2026-04-23T01:08:55 <p>Information published.</p> 1.1 2026-04-23T14:40:03 <p>Information published.</p> udp: Fix wildcard bind conflict check when using hash2 Mariner Linux Yes CVE-2026-31503 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:06 <p>Information published.</p> 3.0 2026-04-29T14:46:38 <p>Information published.</p> 2.0 2026-04-23T14:40:14 <p>Information published.</p> 4.0 2026-04-30T01:12:38 <p>Information published.</p> Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop Mariner Linux Yes CVE-2026-31498 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:46:55 <p>Information published.</p> 4.0 2026-04-30T01:12:47 <p>Information published.</p> 1.0 2026-04-23T01:09:11 <p>Information published.</p> 2.0 2026-04-23T14:40:20 <p>Information published.</p> 5.0 2026-04-30T01:47:57 <p>Information published.</p> xfs: avoid dereferencing log items after push callbacks Mariner Linux Yes CVE-2026-31453 21094-17084 21094-17084 Important 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:17 <p>Information published.</p> 2.0 2026-04-24T01:39:01 <p>Information published.</p> 1.1 2026-04-23T14:40:26 <p>Information published.</p> 3.0 2026-04-29T14:47:12 <p>Information published.</p> bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN Mariner Linux Yes CVE-2026-31525 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:22 <p>Information published.</p> 3.0 2026-04-29T14:47:28 <p>Information published.</p> 1.1 2026-04-23T14:40:31 <p>Information published.</p> 2.0 2026-04-24T01:39:07 <p>Information published.</p> erofs: add GFP_NOIO in the bio completion if needed Mariner Linux Yes CVE-2026-31467 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:27 <p>Information published.</p> 2.0 2026-04-23T14:40:37 <p>Information published.</p> 3.0 2026-04-29T14:47:45 <p>Information published.</p> RDMA/irdma: Initialize free_qp completion before using it Mariner Linux Yes CVE-2026-31492 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:33 <p>Information published.</p> 2.0 2026-04-23T14:40:43 <p>Information published.</p> 3.0 2026-04-29T14:48:01 <p>Information published.</p> 4.0 2026-04-30T01:13:06 <p>Information published.</p> 5.0 2026-04-30T01:48:09 <p>Information published.</p> net: macb: use the current queue number for stats Mariner Linux Yes CVE-2026-31494 21094-17084 21093-17086 21094-17084 21093-17086 Important 21094-17084 Important 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 3.0 2026-04-29T14:48:35 <p>Information published.</p> 1.0 2026-04-23T01:09:44 <p>Information published.</p> 1.1 2026-04-23T14:40:54 <p>Information published.</p> 2.0 2026-04-24T01:39:20 <p>Information published.</p> 4.0 2026-04-30T01:13:23 <p>Information published.</p> media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex Mariner Linux Yes CVE-2026-31473 21093-17086 21094-17084 21093-17086 21094-17084 Important 21093-17086 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-23T01:09:55 <p>Information published.</p> 2.0 2026-04-24T01:39:31 <p>Information published.</p> 3.0 2026-04-29T01:01:42 <p>Information published.</p> 4.0 2026-04-29T14:49:06 <p>Information published.</p> 1.1 2026-04-23T14:41:05 <p>Information published.</p> Dnsmasq: dnsmasq: denial of service due to out-of-bounds write in dhcp bootreply processing Mariner redhat Yes CVE-2026-6507 Out-of-bounds Write 21230-17084 21231-17086 21230-17084 21231-17086 Important 21230-17084 Important 21231-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21230-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21231-17086 1.0 2026-04-23T01:10:16 <p>Information published.</p> ScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch) Mariner EEF Yes CVE-2026-28808 Incorrect Authorization 21268-17084 21095-17084 21145-17086 21268-17084 21095-17084 21145-17086 Important 21268-17084 Important 21095-17084 Important 21145-17086 3.0 2026-05-19T01:39:13 <p>Information published.</p> 1.0 2026-04-23T01:10:24 <p>Information published.</p> 2.0 2026-04-29T14:49:51 <p>Information published.</p> Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input Mariner Google Yes CVE-2026-6409 Improper Input Validation 17664-17084 20026-17086 21156-17084 21155-17086 21233-17086 20972-17084 21103-17086 19668-17086 21021-17084 21270-17084 17868-17086 21232-17084 19693-17084 19712-17086 21262-17084 17664-17084 20026-17086 21156-17084 21155-17086 21233-17086 20972-17084 21103-17086 19668-17086 21021-17084 21270-17084 17868-17086 21232-17084 19693-17084 19712-17086 21262-17084 Important 17664-17084 Important 20026-17086 Important 21156-17084 Important 21155-17086 Important 21233-17086 Important 20972-17084 Important 21103-17086 Important 19668-17086 Important 21021-17084 Important 21270-17084 Important 17868-17086 Important 21232-17084 Important 19693-17084 Important 19712-17086 Important 21262-17084 CBL-Mariner Releases 21232-17084 No Security Update 25.3-7 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21232-17084 CBL-Mariner Releases 1.0 2026-04-23T01:11:06 <p>Information published.</p> 3.0 2026-04-29T14:50:12 <p>Information published.</p> 2.0 2026-04-24T14:44:57 <p>Information published.</p> 4.0 2026-04-30T01:49:27 <p>Information published.</p> Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL Mariner wolfSSL Yes CVE-2026-5187 Heap-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Low 21143-17086 Low 21054-17084 1.0 2026-04-23T01:11:14 <p>Information published.</p> 2.0 2026-04-24T01:39:57 <p>Information published.</p> 3.0 2026-04-30T01:49:37 <p>Information published.</p> can: raw: fix ro->uniq use-after-free in raw_rcv() Mariner Linux Yes CVE-2026-31532 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Important 21094-17084 Important 21248-17084 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-24T01:04:59 <p>Information published.</p> 2.0 2026-04-29T14:50:39 <p>Information published.</p> 3.0 2026-05-01T01:01:37 <p>Information published.</p> 4.0 2026-05-01T14:38:59 <p>Information published.</p> ksmbd: fix use-after-free of share_conf in compound request Mariner Linux Yes CVE-2026-23428 21093-17086 21093-17086 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 1.0 2026-04-25T01:05:04 <p>Information published.</p> 2.0 2026-04-30T01:50:21 <p>Information published.</p> mtd: rawnand: serialize lock/unlock against other NAND operations Mariner Linux Yes CVE-2026-23434 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-25T01:05:09 <p>Information published.</p> Mako: Path traversal via double-slash URI prefix in TemplateLookup Mariner GitHub_M Yes CVE-2026-41205 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 21311-17084 21238-17084 21240-17086 21311-17084 21238-17084 21240-17086 Important 21311-17084 Important 21238-17084 Important 21240-17086 CBL-Mariner Releases 21311-17084 21238-17084 No Security Update 1.2.4-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21311-17084 21238-17084 CBL-Mariner Releases 2.0 2026-04-26T01:04:47 <p>Information published.</p> 3.0 2026-04-27T14:39:53 <p>Information published.</p> 5.0 2026-05-06T14:39:00 <p>Information published.</p> 1.0 2026-04-25T01:05:53 <p>Information published.</p> 4.0 2026-05-06T01:41:40 <p>Information published.</p> Libopensc: opensc: multiple uses of uninitialized variable Mariner redhat Yes CVE-2025-13763 21146-17084 19952-17086 21146-17084 19952-17086 Moderate 21146-17084 Moderate 19952-17086 5.7 5.7 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H 21146-17084 5.7 5.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:P 19952-17086 1.0 2026-04-25T01:05:58 <p>Information published.</p> 2.0 2026-04-29T01:10:21 <p>Information published.</p> 3.0 2026-04-30T01:50:35 <p>Information published.</p> futex: Clear stale exiting pointer in futex_lock_pi() retry path Mariner Linux Yes CVE-2026-31555 21094-17084 21093-17086 21094-17084 21093-17086 Moderate 21094-17084 Moderate 21093-17086 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-27T14:40:10 <p>Information published.</p> 2.0 2026-04-29T01:02:36 <p>Information published.</p> 4.0 2026-04-29T14:51:52 <p>Information published.</p> 1.0 2026-04-26T01:01:37 <p>Information published.</p> 3.0 2026-04-29T01:40:07 <p>Information published.</p> usbip: validate number_of_packets in usbip_pack_ret_submit() Mariner Linux Yes CVE-2026-31607 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Critical 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21094-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21248-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:40:28 <p>Information published.</p> 3.0 2026-04-29T14:52:33 <p>Information published.</p> 1.0 2026-04-26T01:01:54 <p>Information published.</p> 2.0 2026-04-29T01:40:20 <p>Information published.</p> 4.0 2026-04-30T01:01:48 <p>Information published.</p> 5.0 2026-05-01T14:39:12 <p>Information published.</p> smb: server: let send_done handle a completion without IB_SEND_SIGNALED Mariner Linux Yes CVE-2026-31536 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 21248-17084 21332-17084 21094-17084 21093-17086 21308-17084 21344-17084 Moderate 21248-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21308-17084 Moderate 21344-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21332-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 6.6 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21308-17084 6.6 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L 21344-17084 1.1 2026-04-27T14:41:03 <p>Information published.</p> 3.0 2026-04-29T14:53:55 <p>Information published.</p> 6.0 2026-05-11T01:51:06 <p>Information published.</p> 1.0 2026-04-26T01:02:31 <p>Information published.</p> 2.0 2026-04-29T01:40:48 <p>Information published.</p> 4.0 2026-04-30T01:02:50 <p>Information published.</p> 5.0 2026-05-06T14:39:25 <p>Information published.</p> 7.0 2026-05-17T14:52:13 <p>Information published.</p> 8.0 2026-05-22T01:40:41 <p>Information published.</p> media: em28xx: fix use-after-free in em28xx_v4l2_open() Mariner Linux Yes CVE-2026-31583 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Important 21093-17086 Moderate 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:41:09 <p>Information published.</p> 2.0 2026-04-29T01:03:55 <p>Information published.</p> 4.0 2026-04-29T14:54:07 <p>Information published.</p> 1.0 2026-04-26T01:02:37 <p>Information published.</p> 3.0 2026-04-29T01:40:57 <p>Information published.</p> 5.0 2026-04-30T01:51:24 <p>Information published.</p> 6.0 2026-05-01T14:39:39 <p>Information published.</p> rxrpc: Only put the call ref if one was acquired Mariner Linux Yes CVE-2026-31638 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:02:49 <p>Information published.</p> 1.1 2026-04-27T14:41:20 <p>Information published.</p> 2.0 2026-04-29T01:41:15 <p>Information published.</p> 3.0 2026-04-29T14:54:32 <p>Information published.</p> 4.0 2026-05-01T14:39:46 <p>Information published.</p> clockevents: Add missing resets of the next_event_forced flag Mariner Linux Yes CVE-2026-31574 21093-17086 21248-17084 21308-17084 21094-17084 21332-17084 21344-17084 21093-17086 21248-17084 21308-17084 21094-17084 21332-17084 21344-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21308-17084 Moderate 21094-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 CBL-Mariner Releases 21344-17084 No Security Update 6.6.139.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21344-17084 CBL-Mariner Releases 2.0 2026-04-27T14:41:31 <p>Information published.</p> 3.0 2026-04-29T01:03:08 <p>Information published.</p> 4.0 2026-04-29T14:55:01 <p>Information published.</p> 6.0 2026-05-11T01:51:15 <p>Information published.</p> 8.0 2026-05-22T14:38:20 <p>Information published.</p> 1.0 2026-04-26T01:03:01 <p>Information published.</p> 5.0 2026-05-06T14:39:34 <p>Information published.</p> 7.0 2026-05-17T14:52:21 <p>Information published.</p> ocfs2: handle invalid dinode in ocfs2_group_extend Mariner Linux Yes CVE-2026-31596 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:41:43 <p>Information published.</p> 3.0 2026-04-29T14:55:27 <p>Information published.</p> 5.0 2026-05-01T14:40:00 <p>Information published.</p> 1.0 2026-04-26T01:03:13 <p>Information published.</p> 2.0 2026-04-29T01:41:30 <p>Information published.</p> 4.0 2026-05-01T01:01:42 <p>Information published.</p> ALSA: 6fire: fix use-after-free on disconnect Mariner Linux Yes CVE-2026-31581 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Important 21093-17086 Important 21248-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 2.0 2026-04-29T01:03:44 <p>Information published.</p> 4.0 2026-04-29T14:57:54 <p>Information published.</p> 1.0 2026-04-26T01:04:12 <p>Information published.</p> 1.1 2026-04-27T14:42:41 <p>Information published.</p> 3.0 2026-04-29T01:42:35 <p>Information published.</p> 5.0 2026-04-30T01:52:14 <p>Information published.</p> wifi: rtw88: fix device leak on probe failure Mariner Linux Yes CVE-2026-31604 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:42:59 <p>Information published.</p> 3.0 2026-04-29T14:46:51 <p>Information published.</p> 1.0 2026-04-26T01:04:22 <p>Information published.</p> 4.0 2026-05-01T14:45:22 <p>Information published.</p> media: vidtv: fix nfeeds state corruption on start_streaming failure Mariner Linux Yes CVE-2026-31585 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 Moderate 21248-17084 Moderate 21093-17086 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:04:28 <p>Information published.</p> 2.0 2026-04-27T14:43:10 <p>Information published.</p> 3.0 2026-04-29T14:47:03 <p>Information published.</p> 4.0 2026-04-30T01:11:25 <p>Information published.</p> 5.0 2026-05-01T14:45:28 <p>Information published.</p> nilfs2: fix NULL i_assoc_inode dereference in nilfs_mdt_save_to_shadow_map Mariner Linux Yes CVE-2026-31577 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:42:59 <p>Information published.</p> 4.0 2026-04-29T14:58:31 <p>Information published.</p> 1.0 2026-04-26T01:04:30 <p>Information published.</p> 3.0 2026-04-29T01:03:23 <p>Information published.</p> 5.0 2026-05-01T14:40:56 <p>Information published.</p> Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4 Mariner GitHub_M Yes CVE-2026-41140 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 19719-17084 21263-17084 19719-17084 21263-17084 Low 19719-17084 Low 21263-17084 1.0 2026-04-26T01:04:34 <p>Information published.</p> 2.0 2026-04-29T01:39:21 <p>Information published.</p> 3.0 2026-04-29T14:47:17 <p>Information published.</p> netfilter: nft_ct: fix use-after-free in timeout object destroy Mariner Linux Yes CVE-2026-31665 21094-17084 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 Moderate 21094-17084 Moderate 21093-17086 Moderate 21248-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 6.6 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:43:09 <p>Information published.</p> 4.0 2026-04-29T14:58:45 <p>Information published.</p> 1.0 2026-04-26T01:04:36 <p>Information published.</p> 2.0 2026-04-29T01:05:56 <p>Information published.</p> 3.0 2026-04-29T01:43:08 <p>Information published.</p> 5.0 2026-05-01T14:41:02 <p>Information published.</p> net: rfkill: prevent unlimited numbers of rfkill events from being created Mariner Linux Yes CVE-2026-31670 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:05:06 <p>Information published.</p> 2.0 2026-04-27T14:43:37 <p>Information published.</p> 3.0 2026-04-29T01:06:16 <p>Information published.</p> 4.0 2026-04-29T14:59:36 <p>Information published.</p> 5.0 2026-05-01T14:41:29 <p>Information published.</p> rxrpc: Fix call removal to use RCU safe deletion Mariner Linux Yes CVE-2026-31642 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21248-17084 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:44:05 <p>Information published.</p> 2.0 2026-04-29T01:04:50 <p>Information published.</p> 3.0 2026-04-29T01:43:58 <p>Information published.</p> 4.0 2026-04-29T15:00:12 <p>Information published.</p> 1.0 2026-04-26T01:05:39 <p>Information published.</p> 5.0 2026-05-01T14:41:49 <p>Information published.</p> smb: client: fix OOB reads parsing symlink error response Mariner Linux Yes CVE-2026-31613 21332-17084 21094-17084 21248-17084 21308-17084 21344-17084 21332-17084 21094-17084 21248-17084 21308-17084 21344-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Important 21344-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21332-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 7.0 6.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21308-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21344-17084 1.1 2026-04-27T14:44:34 <p>Information published.</p> 1.0 2026-04-26T01:06:08 <p>Information published.</p> 2.0 2026-04-29T01:44:24 <p>Information published.</p> 3.0 2026-04-29T15:00:49 <p>Information published.</p> 4.0 2026-05-06T14:41:21 <p>Information published.</p> 5.0 2026-05-11T01:51:49 <p>Information published.</p> 6.0 2026-05-17T14:52:56 <p>Information published.</p> 6.1 2026-05-22T01:41:10 <p>Information published.</p> net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() Mariner Linux Yes CVE-2026-31623 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 6.6 6.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21094-17084 6.6 6.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:44:45 <p>Information published.</p> 3.0 2026-04-29T15:01:03 <p>Information published.</p> 1.0 2026-04-26T01:06:21 <p>Information published.</p> 2.0 2026-04-29T01:44:36 <p>Information published.</p> 4.0 2026-04-30T01:07:06 <p>Information published.</p> 5.0 2026-05-01T14:42:17 <p>Information published.</p> PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown Mariner Linux Yes CVE-2026-31594 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:44:39 <p>Information published.</p> 3.0 2026-04-29T15:00:56 <p>Information published.</p> 1.0 2026-04-26T01:06:15 <p>Information published.</p> 4.0 2026-05-01T14:42:10 <p>Information published.</p> smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() Mariner Linux Yes CVE-2026-31609 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Important 21094-17084 Important 21248-17084 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.0 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.4 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21094-17084 21248-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:06:38 <p>Information published.</p> 1.1 2026-04-27T14:45:01 <p>Information published.</p> 2.0 2026-04-29T14:38:59 <p>Information published.</p> 3.0 2026-04-30T14:38:37 <p>Information published.</p> 4.0 2026-05-01T01:02:29 <p>Information published.</p> rust-openssl: Out-of-bounds read in PEM password callback when user callback returns an oversized length Mariner GitHub_M Yes CVE-2026-41677 Out-of-bounds Read 21108-17086 21165-17084 21110-17084 21255-17084 21254-17084 21249-17084 21266-17084 21223-17084 20878-17086 21136-17084 21123-17084 21241-17084 21291-17084 21108-17086 21165-17084 21110-17084 21255-17084 21254-17084 21249-17084 21266-17084 21223-17084 20878-17086 21136-17084 21123-17084 21241-17084 21291-17084 Low 21108-17086 Low 21165-17084 Low 21110-17084 Low 21255-17084 Low 21254-17084 Low 21249-17084 Low 21266-17084 Low 21223-17084 Low 20878-17086 Low 21136-17084 Low 21123-17084 Low 21241-17084 Low 21291-17084 1.0 2026-04-26T01:06:59 <p>Information published.</p> 2.0 2026-04-27T14:45:25 <p>Information published.</p> 3.0 2026-04-29T01:40:33 <p>Information published.</p> 4.0 2026-04-29T14:49:51 <p>Information published.</p> 5.0 2026-04-30T01:12:41 <p>Information published.</p> 6.0 2026-04-30T01:49:43 <p>Information published.</p> usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() Mariner Linux Yes CVE-2026-31616 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Important 21094-17084 Important 21248-17084 Moderate 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-26T01:07:16 <p>Information published.</p> 1.1 2026-04-27T14:45:37 <p>Information published.</p> 3.0 2026-04-29T14:40:18 <p>Information published.</p> 4.0 2026-04-30T01:08:12 <p>Information published.</p> 2.0 2026-04-29T01:45:13 <p>Information published.</p> 5.0 2026-04-30T01:40:49 <p>Information published.</p> vfio/xe: Reorganize the init to decouple migration from reset Mariner Linux Yes CVE-2026-31601 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 2.0 2026-04-27T14:45:29 <p>Information published.</p> 1.0 2026-04-26T01:07:10 <p>Information published.</p> 3.0 2026-04-29T14:40:06 <p>Information published.</p> seg6: separate dst_cache for input and output paths in seg6 lwtunnel Mariner Linux Yes CVE-2026-31668 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Critical 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:07:28 <p>Information published.</p> 2.0 2026-04-27T14:45:48 <p>Information published.</p> 4.0 2026-04-29T14:40:44 <p>Information published.</p> 3.0 2026-04-29T01:06:06 <p>Information published.</p> 5.0 2026-05-01T14:42:51 <p>Information published.</p> hwmon: (powerz) Fix use-after-free on USB disconnect Mariner Linux Yes CVE-2026-31582 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 Important 21093-17086 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21248-17084 1.1 2026-04-27T14:46:39 <p>Information published.</p> 2.0 2026-04-29T01:03:50 <p>Information published.</p> 4.0 2026-04-29T14:42:42 <p>Information published.</p> 1.0 2026-04-26T01:08:23 <p>Information published.</p> 3.0 2026-04-29T01:46:07 <p>Information published.</p> 5.0 2026-04-30T01:42:36 <p>Information published.</p> rxrpc: only handle RESPONSE during service challenge Mariner Linux Yes CVE-2026-31676 21248-17084 21094-17084 21248-17084 21094-17084 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-27T14:46:09 <p>Information published.</p> 3.0 2026-04-29T14:52:41 <p>Information published.</p> 4.0 2026-05-01T14:45:49 <p>Information published.</p> 1.0 2026-04-26T01:08:27 <p>Information published.</p> KVM: x86: Use scratch field in MMIO fragment to hold small write values Mariner Linux Yes CVE-2026-31588 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Important 21093-17086 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21094-17084 6.6 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U 21248-17084 8.8 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.1 2026-04-27T14:37:41 <p>Information published.</p> 3.0 2026-04-29T14:43:09 <p>Information published.</p> 5.0 2026-05-01T14:43:39 <p>Information published.</p> 1.0 2026-04-26T01:08:35 <p>Information published.</p> 2.0 2026-04-29T01:46:21 <p>Information published.</p> 4.0 2026-04-30T01:09:31 <p>Information published.</p> crypto: af_alg - limit RX SG extraction by receive buffer budget Mariner Linux Yes CVE-2026-31677 21332-17084 21094-17084 21248-17084 21308-17084 21344-17084 21332-17084 21094-17084 21248-17084 21308-17084 21344-17084 Moderate 21332-17084 Moderate 21094-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 1.0 2026-04-26T01:08:34 <p>Information published.</p> 2.0 2026-04-27T14:46:14 <p>Information published.</p> 3.0 2026-04-29T14:52:53 <p>Information published.</p> 4.0 2026-05-06T14:42:47 <p>Information published.</p> 5.0 2026-05-11T01:38:31 <p>Information published.</p> 6.0 2026-05-17T14:39:18 <p>Information published.</p> net/sched: sch_netem: fix out-of-bounds access in packet corruption Mariner Linux Yes CVE-2026-31675 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.1 2026-04-27T14:46:03 <p>Information published.</p> 3.0 2026-04-29T14:52:28 <p>Information published.</p> 1.0 2026-04-26T01:08:22 <p>Information published.</p> 2.0 2026-04-29T01:41:43 <p>Information published.</p> rxrpc: fix reference count leak in rxrpc_server_keyring() Mariner Linux Yes CVE-2026-31634 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:09:04 <p>Information published.</p> 2.0 2026-04-27T14:38:10 <p>Information published.</p> 3.0 2026-04-29T01:04:40 <p>Information published.</p> 4.0 2026-04-29T14:44:12 <p>Information published.</p> 5.0 2026-05-01T14:44:08 <p>Information published.</p> net: sched: act_csum: validate nested VLAN headers Mariner Linux Yes CVE-2026-31684 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:08:57 <p>Information published.</p> 2.0 2026-04-27T14:46:37 <p>Information published.</p> 3.0 2026-04-29T14:53:53 <p>Information published.</p> 4.0 2026-05-01T14:46:02 <p>Information published.</p> net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() Mariner Linux Yes CVE-2026-31658 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 21093-17086 Moderate 21094-17084 Moderate 21248-17084 Moderate 21093-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-26T01:09:54 <p>Information published.</p> 1.1 2026-04-27T14:39:02 <p>Information published.</p> 4.0 2026-04-29T14:45:41 <p>Information published.</p> 2.0 2026-04-29T01:05:16 <p>Information published.</p> 3.0 2026-04-29T01:47:26 <p>Information published.</p> 5.0 2026-05-01T14:44:48 <p>Information published.</p> PostCSS has XSS via Unescaped </style> in its CSS Stringify Output Mariner GitHub_M Yes CVE-2026-41305 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 19693-17084 19693-17084 Moderate 19693-17084 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 19693-17084 1.0 2026-04-27T01:05:05 <p>Information published.</p> 2.0 2026-04-27T14:48:10 <p>Information published.</p> 3.0 2026-04-30T01:52:52 <p>Information published.</p> Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes Mariner PSF Yes CVE-2026-3298 Out-of-bounds Write 21100-17084 21100-17084 Important 21100-17084 1.0 2026-04-27T01:05:10 <p>Information published.</p> 2.0 2026-04-27T14:48:15 <p>Information published.</p> 3.0 2026-04-30T01:52:58 <p>Information published.</p> EDAC/mc: Fix error path ordering in edac_mc_alloc() Mariner Linux Yes CVE-2026-31689 21094-17084 21248-17084 21094-17084 21248-17084 Moderate 21094-17084 Moderate 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-29T01:01:26 <p>Information published.</p> 3.0 2026-05-01T14:46:18 <p>Information published.</p> 2.0 2026-04-29T14:58:12 <p>Information published.</p> driver core: enforce device_lock for driver_match_device() Mariner Linux Yes CVE-2026-31688 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 21094-17084 21248-17084 21308-17084 21332-17084 21344-17084 Important 21094-17084 Important 21248-17084 Important 21308-17084 Important 21332-17084 Moderate 21344-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21308-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21332-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21344-17084 1.0 2026-04-29T01:01:38 <p>Information published.</p> 2.0 2026-04-29T14:58:36 <p>Information published.</p> 5.1 2026-05-22T01:41:50 <p>Information published.</p> 3.0 2026-05-06T14:43:00 <p>Information published.</p> 4.0 2026-05-11T01:38:40 <p>Information published.</p> 5.0 2026-05-17T14:39:29 <p>Information published.</p> wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down Mariner Linux Yes CVE-2026-31548 21093-17086 21093-17086 Important 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 1.0 2026-04-29T01:02:09 <p>Information published.</p> i2c: cp2615: fix serial string NULL-deref at probe Mariner Linux Yes CVE-2026-31549 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-29T01:02:15 <p>Information published.</p> pmdomain: bcm: bcm2835-power: Increase ASB control timeout Mariner Linux Yes CVE-2026-31550 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-29T01:02:20 <p>Information published.</p> wifi: mac80211: Fix static_branch_dec() underflow for aql_disable. Mariner Linux Yes CVE-2026-31551 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-29T01:02:26 <p>Information published.</p> wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom Mariner Linux Yes CVE-2026-31552 21093-17086 21093-17086 Important 21093-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-29T01:02:32 <p>Information published.</p> media: mediatek: vcodec: fix use-after-free in encoder release path Mariner Linux Yes CVE-2026-31584 21093-17086 21094-17084 21248-17084 21093-17086 21094-17084 21248-17084 Important 21093-17086 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 1.0 2026-04-29T01:04:04 <p>Information published.</p> 2.0 2026-04-29T14:59:07 <p>Information published.</p> 3.0 2026-04-30T01:53:23 <p>Information published.</p> wifi: brcmsmac: Fix dma_free_coherent() size Mariner Linux Yes CVE-2026-31661 21093-17086 21248-17084 21094-17084 21093-17086 21248-17084 21094-17084 Moderate 21093-17086 Moderate 21248-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 2.0 2026-04-29T14:59:27 <p>Information published.</p> 3.0 2026-05-01T14:46:38 <p>Information published.</p> 1.0 2026-04-29T01:05:35 <p>Information published.</p> net: macb: Use dev_consume_skb_any() to free TX SKBs Mariner Linux Yes CVE-2026-31563 21094-17084 21094-17084 Important 21094-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.134.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-29T01:06:32 <p>Information published.</p> 2.0 2026-04-29T14:58:53 <p>Information published.</p> mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() Mariner Linux Yes CVE-2026-31648 21094-17084 21248-17084 21094-17084 21248-17084 Important 21094-17084 Important 21248-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21248-17084 CBL-Mariner Releases 21248-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21248-17084 CBL-Mariner Releases 1.0 2026-04-29T01:06:38 <p>Information published.</p> 2.0 2026-04-29T14:59:17 <p>Information published.</p> 3.0 2026-05-01T14:46:31 <p>Information published.</p> In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. Mariner mitre Yes CVE-2026-40225 Incorrect Resource Transfer Between Spheres 21125-17086 21282-17084 21060-17084 21125-17086 21282-17084 21060-17084 Moderate 21125-17086 Moderate 21282-17084 Moderate 21060-17084 6.4 5.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21125-17086 6.4 5.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21282-17084 6.4 5.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21060-17084 CBL-Mariner Releases 21282-17084 No Security Update 255-28 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21282-17084 CBL-Mariner Releases 1.0 2026-04-29T01:06:51 <p>Information published.</p> 2.0 2026-04-29T14:59:35 <p>Information published.</p> 3.0 2026-05-27T01:42:56 <p>Information published.</p> Potential buffer overflow in ns_sprintrrf TSIG handling path Mariner glibc Yes CVE-2026-5435 Out-of-bounds Write 21140-17084 20935-17086 21140-17084 20935-17086 Important 21140-17084 Important 20935-17086 8.6 7.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:U 21140-17084 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 20935-17086 1.0 2026-04-29T01:07:02 <p>Information published.</p> 2.0 2026-04-30T01:09:35 <p>Information published.</p> Insecure Directory Permissions in GNU nano Leading to Privilege Abuse Mariner CERT-PL Yes CVE-2026-40556 Incorrect Permission Assignment for Critical Resource 17720-17084 17720-17084 17720-17084 1.0 2026-04-29T01:07:07 <p>Information published.</p> Emacs: emacs: memory corruption vulnerability when processing svg css Mariner redhat Yes CVE-2026-6861 Off-by-one Error 17557-17084 17168-17086 21314-17084 17557-17084 17168-17086 21314-17084 Moderate 17557-17084 Moderate 17168-17086 Moderate 21314-17084 6.1 5.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H/E:U 17557-17084 6.1 5.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H/E:U 17168-17086 6.1 5.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H/E:U 21314-17084 CBL-Mariner Releases 17557-17084 21314-17084 No Security Update 29.4-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17557-17084 21314-17084 CBL-Mariner Releases 1.0 2026-04-29T01:09:36 <p>Information published.</p> 2.0 2026-05-04T14:42:28 <p>Information published.</p> 3.0 2026-05-06T14:43:22 <p>Information published.</p> Libsoup: libsoup: http request smuggling via duplicate content-length headers Mariner redhat Yes CVE-2026-2708 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') 21115-17086 21202-17084 21115-17086 21202-17084 Low 21115-17086 Low 21202-17084 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 21115-17086 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 21202-17084 1.0 2026-04-29T01:09:44 <p>Information published.</p> 2.0 2026-04-30T01:54:45 <p>Information published.</p> Libxml2: libxml2: denial of service via crafted xsd-validated document Mariner redhat Yes CVE-2026-6732 Access of Resource Using Incompatible Type ('Type Confusion') 20940-17086 20960-17084 20940-17086 20960-17084 Moderate 20940-17086 Moderate 20960-17084 6.5 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20940-17086 6.5 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20960-17084 1.0 2026-04-29T01:09:52 <p>Information published.</p> 2.0 2026-04-30T01:54:53 <p>Information published.</p> BaseCookie.js_output() does not neutralize embedded characters Mariner PSF Yes CVE-2026-6019 Improper Neutralization of Escape, Meta, or Control Sequences 20937-17086 21100-17084 21021-17084 20937-17086 21100-17084 21021-17084 Low 20937-17086 Low 21100-17084 Low 21021-17084 1.0 2026-04-29T01:10:33 <p>Information published.</p> 2.0 2026-04-30T01:55:25 <p>Information published.</p> Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption Mariner redhat Yes CVE-2026-34001 Expired Pointer Dereference 20351-17086 21247-17084 21316-17084 20351-17086 21247-17084 21316-17084 Important 20351-17086 Important 21247-17084 Important 21316-17084 7.8 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 20351-17086 7.8 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21247-17084 7.8 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21316-17084 CBL-Mariner Releases 21247-17084 21316-17084 No Security Update 24.1.6-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21247-17084 21316-17084 CBL-Mariner Releases 2.0 2026-05-06T01:42:06 <p>Information published.</p> 1.0 2026-04-29T01:11:22 <p>Information published.</p> 3.0 2026-05-06T14:44:03 <p>Information published.</p> Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access Mariner redhat Yes CVE-2026-34003 Out-of-bounds Read 20351-17086 21247-17084 21316-17084 20351-17086 21247-17084 21316-17084 Moderate 20351-17086 Moderate 21247-17084 Moderate 21316-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 20351-17086 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21247-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21316-17084 CBL-Mariner Releases 21247-17084 21316-17084 No Security Update 24.1.6-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21247-17084 21316-17084 CBL-Mariner Releases 2.0 2026-05-06T01:42:20 <p>Information published.</p> 1.0 2026-04-29T01:11:30 <p>Information published.</p> 3.0 2026-05-06T14:44:12 <p>Information published.</p> net: openvswitch: Avoid releasing netdev before teardown completes Mariner Linux Yes CVE-2026-31508 21093-17086 21094-17084 21093-17086 21094-17084 Important 21093-17086 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21093-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.137.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-30T01:09:52 <p>Information published.</p> 2.0 2026-05-01T14:46:44 <p>Information published.</p> drm/i915/gt: Check set_default_submission() before deferencing Mariner Linux Yes CVE-2026-31540 21093-17086 21093-17086 Moderate 21093-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21093-17086 1.0 2026-04-30T01:10:00 <p>Information published.</p> Buffer overread in ns_printrrf with corrupted RDATA field Mariner glibc Yes CVE-2026-6238 Buffer Over-read 21140-17084 20935-17086 21140-17084 20935-17086 Moderate 21140-17084 Moderate 20935-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 21140-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 20935-17086 2.0 2026-05-01T01:01:23 <p>Information published.</p> 1.0 2026-04-30T01:10:27 <p>Information published.</p> Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() Mariner Linux Yes CVE-2026-31499 21248-17084 21308-17084 21332-17084 21344-17084 21248-17084 21308-17084 21332-17084 21344-17084 Moderate 21248-17084 Moderate 21308-17084 Moderate 21332-17084 Moderate 21344-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21248-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21332-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 3.0 2026-05-11T01:38:48 <p>Information published.</p> 1.0 2026-04-30T01:10:36 <p>Information published.</p> 2.0 2026-05-06T14:44:21 <p>Information published.</p> 4.0 2026-05-17T14:39:39 <p>Information published.</p> Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error. Mariner apache Yes CVE-2025-48431 Mismatched Memory Management Routines 20704-17086 17626-17084 20704-17086 17626-17084 Important 20704-17086 Moderate 17626-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20704-17086 6.2 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17626-17084 CBL-Mariner Releases 17626-17084 No Security Update 0.15.0-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17626-17084 CBL-Mariner Releases 1.0 2026-04-30T01:10:55 <p>Information published.</p> 2.0 2026-05-01T01:04:14 <p>Information published.</p> 3.0 2026-05-13T01:39:49 <p>Information published.</p> Apache Thrift: Go TFramedTransport uint32 overflow Mariner apache Yes CVE-2026-41602 Integer Overflow or Wraparound 21281-17084 21284-17084 20394-17086 21258-17084 17626-17084 21252-17084 20704-17086 20393-17086 21126-17086 21281-17084 21284-17084 20394-17086 21258-17084 17626-17084 21252-17084 20704-17086 20393-17086 21126-17086 Important 21281-17084 Important 21284-17084 Important 20394-17086 Important 21258-17084 Important 17626-17084 Important 21252-17084 Important 20704-17086 Important 20393-17086 Important 21126-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21281-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21284-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20394-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21258-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 17626-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21252-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20704-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20393-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21126-17086 CBL-Mariner Releases 21281-17084 No Security Update 2.7.5-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21281-17084 CBL-Mariner Releases CBL-Mariner Releases 21284-17084 No Security Update 3.19.1.kata3-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21284-17084 CBL-Mariner Releases CBL-Mariner Releases 21258-17084 No Security Update 1.31.0-20 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21258-17084 CBL-Mariner Releases CBL-Mariner Releases 17626-17084 No Security Update 0.15.0-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17626-17084 CBL-Mariner Releases CBL-Mariner Releases 21252-17084 No Security Update 3.15.0.aks0-10 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21252-17084 CBL-Mariner Releases 3.0 2026-05-13T01:40:05 <p>Information published.</p> 4.0 2026-05-15T14:38:48 <p>Information published.</p> 1.0 2026-04-30T01:11:04 <p>Information published.</p> 2.0 2026-05-01T01:03:27 <p>Information published.</p> Apache Thrift: Swift Range crash in skip() Mariner apache Yes CVE-2026-41604 Out-of-bounds Read 17626-17084 20704-17086 17626-17084 20704-17086 Important 17626-17084 Important 20704-17086 8.2 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H 17626-17084 8.2 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U 20704-17086 2.0 2026-05-01T01:04:03 <p>Information published.</p> 3.0 2026-05-19T01:40:12 <p>Information published.</p> 1.0 2026-04-30T01:11:22 <p>Information published.</p> Apache Thrift: Swift Compact Protocol integer overflow Mariner apache Yes CVE-2026-41605 Integer Overflow or Wraparound 17626-17084 20704-17086 17626-17084 20704-17086 Important 17626-17084 Moderate 20704-17086 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 17626-17084 7.3 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U 20704-17086 CBL-Mariner Releases 17626-17084 No Security Update 0.15.0-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17626-17084 CBL-Mariner Releases 3.0 2026-05-13T01:40:21 <p>Information published.</p> 1.0 2026-04-30T01:11:30 <p>Information published.</p> 2.0 2026-05-01T01:04:28 <p>Information published.</p> Apache Thrift: c_glib dispatch stack overflow Mariner apache Yes CVE-2026-41606 Uncontrolled Recursion 17626-17084 20704-17086 17626-17084 20704-17086 Moderate 17626-17084 Moderate 20704-17086 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 17626-17084 5.3 4.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U 20704-17086 2.0 2026-05-01T01:03:58 <p>Information published.</p> 1.0 2026-04-30T01:11:39 <p>Information published.</p> rtnetlink: add missing netlink_ns_capable() check for peer netns Mariner Linux Yes CVE-2026-31692 21248-17084 21332-17084 21308-17084 21344-17084 21248-17084 21332-17084 21308-17084 21344-17084 Moderate 21248-17084 Moderate 21332-17084 Moderate 21308-17084 Moderate 21344-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21248-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21332-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21308-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21344-17084 3.0 2026-05-11T01:38:56 <p>Information published.</p> 4.1 2026-05-22T01:42:37 <p>Information published.</p> 1.0 2026-05-01T01:02:51 <p>Information published.</p> 2.0 2026-05-06T14:44:29 <p>Information published.</p> 4.0 2026-05-17T14:39:49 <p>Information published.</p> In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message. Mariner mitre Yes CVE-2026-40355 NULL Pointer Dereference 20902-17084 20903-17086 20902-17084 20903-17086 Moderate 20902-17084 Moderate 20903-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20902-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20903-17086 CBL-Mariner Releases 20902-17084 No Security Update 1.21.3-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20902-17084 CBL-Mariner Releases 1.0 2026-05-01T01:03:46 <p>Information published.</p> 2.0 2026-05-11T14:42:26 <p>Information published.</p> Binutils: binutils: denial of service via crafted elf file Mariner redhat Yes CVE-2026-6845 NULL Pointer Dereference 20936-17086 21200-17084 20936-17086 21200-17084 Moderate 20936-17086 Moderate 21200-17084 5.0 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H 20936-17086 5.0 4.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U 21200-17084 1.0 2026-05-03T01:01:52 <p>Information published.</p> 2.0 2026-05-04T14:41:45 <p>Information published.</p> Binutils: binutils: arbitrary code execution via malformed xcoff object file processing Mariner redhat Yes CVE-2026-6846 Heap-based Buffer Overflow 21201-17084 20936-17086 21200-17084 20598-17086 21201-17084 20936-17086 21200-17084 20598-17086 Important 21201-17084 Important 20936-17086 Important 21200-17084 Important 20598-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 21201-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 20936-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 21200-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 20598-17086 CBL-Mariner Releases 21201-17084 No Security Update 13.2-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21201-17084 CBL-Mariner Releases CBL-Mariner Releases 21200-17084 No Security Update 2.41-12 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21200-17084 CBL-Mariner Releases 2.0 2026-05-04T14:42:00 <p>Information published.</p> 3.0 2026-05-15T14:39:01 <p>Information published.</p> 1.0 2026-05-03T01:02:05 <p>Information published.</p> A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the input pointer and calls strdup() on a NULL value when the option is specified without an argument. This results in a segmentation fault and process crash. Mariner mitre Yes CVE-2026-30656 NULL Pointer Dereference 20574-17084 20544-17086 20574-17084 20544-17086 Important 20574-17084 Important 20544-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20574-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20544-17086 CBL-Mariner Releases 20574-17084 No Security Update 3.37-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20574-17084 CBL-Mariner Releases 2.0 2026-05-04T14:42:08 <p>Information published.</p> 3.0 2026-05-15T14:39:08 <p>Information published.</p> 1.0 2026-05-03T01:02:35 <p>Information published.</p> Nano: nano: format string vulnerability leads to denial of service Mariner redhat Yes CVE-2026-6843 Use of Externally-Controlled Format String 20092-17086 17720-17084 20092-17086 17720-17084 Moderate 20092-17086 Moderate 17720-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20092-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 17720-17084 CBL-Mariner Releases 17720-17084 No Security Update 6.4-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 17720-17084 CBL-Mariner Releases 1.0 2026-05-03T01:02:51 <p>Information published.</p> 2.0 2026-05-04T14:42:18 <p>Information published.</p> 3.0 2026-05-08T01:42:31 <p>Information published.</p> Storable versions before 3.05 for Perl has a stack overflow Mariner CPANSec Yes CVE-2017-20230 Stack-based Buffer Overflow 20310-17086 20313-17084 20310-17086 20313-17084 Critical 20310-17086 Critical 20313-17084 10.0 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 20310-17086 10.0 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 20313-17084 1.0 2026-05-03T01:03:00 <p>Information published.</p> 2.0 2026-05-04T14:42:27 <p>Information published.</p> Lockfile checksums not verified in Hex allows dependency integrity bypass Mariner EEF Yes CVE-2026-32148 Improper Validation of Integrity Check Value 19983-17086 19983-17086 Important 19983-17086 1.0 2026-05-03T01:03:30 <p>Information published.</p> 2.0 2026-05-04T14:42:57 <p>Information published.</p> Little CMS (lcms2) 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c. Mariner mitre Yes CVE-2026-42798 Integer Overflow or Wraparound 21225-17086 21287-17084 21225-17086 21287-17084 Moderate 21225-17086 Moderate 21287-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21225-17086 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21287-17084 1.0 2026-05-05T01:03:12 <p>Information published.</p> ngtcp2 has a qlog transport parameter serialization stack buffer overflow Mariner GitHub_M Yes CVE-2026-40170 Stack-based Buffer Overflow 21130-17086 21251-17084 21259-17084 21130-17086 21251-17084 21259-17084 Important 21130-17086 Moderate 21251-17084 Moderate 21259-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21130-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21251-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21259-17084 1.0 2026-05-05T01:03:34 <p>Information published.</p> 2.0 2026-05-19T01:44:38 <p>Information published.</p> Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34317 Improper Resource Shutdown or Release 21155-17086 21155-17086 Moderate 21155-17086 5.0 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H 21155-17086 1.0 2026-05-07T01:03:27 <p>Information published.</p> Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H). Mariner oracle Yes CVE-2026-34319 Observable Response Discrepancy 21155-17086 21155-17086 Moderate 21155-17086 5.0 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H 21155-17086 1.0 2026-05-07T01:03:41 <p>Information published.</p> Gnutls: gnutls: denial of service via dtls zero-length fragment Mariner redhat Yes CVE-2026-33845 Integer Underflow (Wrap or Wraparound) 20912-17086 20911-17084 20912-17086 20911-17084 Important 20912-17086 Important 20911-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20912-17086 8.2 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U 20911-17084 CBL-Mariner Releases 20911-17084 No Security Update 3.8.3-9 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20911-17084 CBL-Mariner Releases 1.0 2026-05-07T01:10:44 <p>Information published.</p> 2.0 2026-05-17T14:48:30 <p>Information published.</p> Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison Mariner redhat Yes CVE-2026-3833 Improper Handling of Case Sensitivity 20912-17086 20911-17084 20912-17086 20911-17084 Moderate 20912-17086 Moderate 20911-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 20912-17086 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 20911-17084 1.0 2026-05-07T01:10:52 <p>Information published.</p> 2.0 2026-05-19T01:46:32 <p>Information published.</p> Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response Mariner redhat Yes CVE-2026-3832 Incorrect Behavior Order: Early Validation 20912-17086 20911-17084 20912-17086 20911-17084 Low 20912-17086 Low 20911-17084 3.7 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 20912-17086 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U 20911-17084 1.0 2026-05-07T01:11:00 <p>Information published.</p> 2.0 2026-05-09T01:39:42 <p>Information published.</p> Kubevirt: kubevirt: unauthorized subresource access due to improper rbac evaluation Mariner redhat Yes CVE-2026-6383 Incorrect Authorization 20947-17086 21299-17084 20947-17086 21299-17084 Moderate 20947-17086 Moderate 21299-17084 5.4 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 20947-17086 5.4 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N 21299-17084 1.0 2026-05-07T01:12:30 <p>Information published.</p> An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys. Mariner mitre Yes CVE-2026-34875 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 21259-17084 21370-17084 21259-17084 21370-17084 Critical 21259-17084 21370-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21259-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21370-17084 1.0 2026-05-07T01:12:41 <p>Information published.</p> 2.0 2026-05-14T14:38:43 <p>Information published.</p> 3.0 2026-05-31T01:03:44 <p>Information published.</p> An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0. Mariner mitre Yes CVE-2026-34874 NULL Pointer Dereference 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21259-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21370-17084 1.0 2026-05-07T01:12:47 <p>Information published.</p> 2.0 2026-05-19T01:47:32 <p>Information published.</p> 3.0 2026-05-31T01:04:01 <p>Information published.</p> An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtls_ccm_finish() in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by missing validation of the tag_len parameter against the size of the internal 16-byte authentication buffer. The issue affects the public multipart CCM API in Mbed TLS 3.x, where mbedtls_ccm_finish() can be invoked directly by applications. In Mbed TLS 4.x versions prior to the fix, the same missing validation exists in the internal implementation; however, the function is not exposed as part of the public API. Exploitation requires application-level invocation of the multipart CCM API. Mariner mitre Yes CVE-2026-34876 Out-of-bounds Read 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U 21259-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 21370-17084 1.0 2026-05-07T01:12:52 <p>Information published.</p> 2.0 2026-05-19T01:47:37 <p>Information published.</p> 3.0 2026-05-31T01:02:44 <p>Information published.</p> Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG). Mariner mitre Yes CVE-2026-25835 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) 21259-17084 21370-17084 21259-17084 21370-17084 Important 21259-17084 21370-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U 21259-17084 7.7 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 21370-17084 2.0 2026-05-19T01:47:43 <p>Information published.</p> 1.0 2026-05-07T01:12:58 <p>Information published.</p> 3.0 2026-05-31T01:03:22 <p>Information published.</p> In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected. Mariner mitre Yes CVE-2025-66442 Covert Timing Channel 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 5.1 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U 21259-17084 5.1 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 21370-17084 1.0 2026-05-07T01:13:04 <p>Information published.</p> 2.0 2026-05-19T01:47:48 <p>Information published.</p> 3.0 2026-05-31T01:02:49 <p>Information published.</p> An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session. Mariner mitre Yes CVE-2026-34873 Improper Authentication 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 7.4 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U 21259-17084 9.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 21370-17084 1.0 2026-05-07T01:13:10 <p>Information published.</p> 2.0 2026-05-19T01:47:54 <p>Information published.</p> 3.0 2026-05-31T01:04:07 <p>Information published.</p> An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG). Mariner mitre Yes CVE-2026-34871 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 6.7 6.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U 21259-17084 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 21370-17084 1.0 2026-05-07T01:13:15 <p>Information published.</p> 2.0 2026-05-19T01:48:00 <p>Information published.</p> 3.0 2026-05-31T01:03:39 <p>Information published.</p> An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values (lack of contributory behavior). This is a problem for protocols that depend on contributory behavior (which is not the case for TLS). The attack can be carried by the peer, or depending on the protocol by an active network attacker (person in the middle). Mariner mitre Yes CVE-2026-34872 Improper Verification of Cryptographic Signature 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U 21259-17084 9.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 21370-17084 2.0 2026-05-19T01:48:06 <p>Information published.</p> 1.0 2026-05-07T01:13:21 <p>Information published.</p> 3.0 2026-05-31T01:03:10 <p>Information published.</p> Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade. Mariner mitre Yes CVE-2026-25834 Improper Certificate Validation 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U 21259-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 21370-17084 1.0 2026-05-07T01:13:26 <p>Information published.</p> 2.0 2026-05-19T01:48:11 <p>Information published.</p> 3.0 2026-05-31T01:04:17 <p>Information published.</p> Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function Mariner mitre Yes CVE-2026-25833 Stack-based Buffer Overflow 21259-17084 21370-17084 21259-17084 21370-17084 Moderate 21259-17084 21370-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21259-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21370-17084 1.0 2026-05-07T01:13:32 <p>Information published.</p> 2.0 2026-05-19T01:48:17 <p>Information published.</p> 3.0 2026-05-31T01:04:22 <p>Information published.</p> In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. Mariner mitre Yes CVE-2026-41082 Path Traversal: '../filedir' 21322-17084 21322-17084 Important 21322-17084 7.3 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L 21322-17084 2.0 2026-05-19T01:48:22 <p>Information published.</p> 1.0 2026-05-07T01:13:38 <p>Information published.</p> Pallets Click contains a command injection via Unsanitized Filename "click.edit()" Mariner certcc Yes CVE-2026-7246 21343-17084 21021-17084 21343-17084 21021-17084 Important 21343-17084 Important 21021-17084 7.2 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H 21343-17084 7.2 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H 21021-17084 CBL-Mariner Releases 21343-17084 No Security Update 8.1.7-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21343-17084 CBL-Mariner Releases 3.0 2026-05-19T01:49:36 <p>Information published.</p> 4.0 2026-05-23T01:44:47 <p>Information published.</p> 1.0 2026-05-17T01:01:44 <p>Information published.</p> 2.0 2026-05-18T14:39:52 <p>Information published.</p> Microsoft Dynamics 365 (online) Spoofing Vulnerability <p>Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Dynamics 365 (Online) Microsoft No CVE-2026-32210 Server-Side Request Forgery (SSRF) 21219 Spoofing 21219 Critical 21219 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 9.3 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 21219 <a href="https://x.com/nmdhkr">Brad Schlintz (nmdhkr)</a> <a href="https://nl.linkedin.com/in/sander-meijering">Sander Meijering</a> with <a href="https://hackify.nl/">Hackify</a> Gavin Davies with CCL Solutions Group 1.0 2026-04-23T07:00:00 <p>Information published.</p> Microsoft 365 Copilot Elevation of Privilege Vulnerability <p>Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> M365 Copilot Microsoft No CVE-2026-33102 URL Redirection to Untrusted Site ('Open Redirect') 16765 Elevation of Privilege 16765 Critical 16765 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 9.3 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 16765 Henrique Pereira with Microsoft Rodrigo Silva with Microsoft Bushra Aloraini with Microsoft 1.0 2026-04-23T07:00:00 <p>Information published.</p> Microsoft Bing Remote Code Execution Vulnerability <p>Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Bing Microsoft No CVE-2026-33819 Deserialization of Untrusted Data 12500 Remote Code Execution 12500 Critical 12500 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 10.0 8.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12500 1.0 2026-04-23T07:00:00 <p>Information published.</p> Windows Management Services Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Management Services Microsoft Yes CVE-2026-20930 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix <p>Missing cryptographic step in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass Secure Boot.</p> <p><strong>Why is this vulnerability being published under a MITRE CVE rather than a Microsoft‑assigned CVE?</strong></p> <p>The vulnerability exists in third‑party firmware rather than Microsoft‑developed code. Although Windows is affected, the CVE is issued by MITRE in accordance with standard disclosure practices while Microsoft provides mitigations to help protect customers.</p> Windows Secure Boot MITRE Yes CVE-2026-25250 Missing Cryptographic Step 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20854 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20853 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11568 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11569 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11929 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11930 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11931 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12097 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12098 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12099 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20437 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20438 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12242 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12243 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12389 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12390 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10852 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10853 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10378 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10379 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10483 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 L&#233;o Muff Stas Lyakhov with <a href="https://eclypsium.com/">Eclypsium</a> Mickey Shkatov with <a href="https://eclypsium.com/">Eclypsium</a> Stas Lyakhov with <a href="https://eclypsium.com/">Eclypsium</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability <p>Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could disclose the contents of the Model Context Protocol (MCP) when using Copilot.</p> GitHub Copilot and Visual Studio Code Microsoft Yes CVE-2026-23653 Improper Neutralization of Special Elements used in a Command ('Command Injection') 16782 Information Disclosure 16782 Important 16782 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.7 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 16782 Release Notes https://code.visualstudio.com/Download 16782 Maybe Security Update 0.37.3 https://github.com/microsoft/vscode/ 16782 Release Notes Jose Rodrigo Sanchez Vicarte with Microsoft Jose Rodrigo Sanchez Vicarte with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Applocker Filter Driver (applockerfltr.sys) Microsoft Yes CVE-2026-25184 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/dark_puzzle">Souhail Hammou</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft SharePoint Server Spoofing Vulnerability <p>Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?</strong></p> <p>This means an authenticated user can upload malicious content, but exploitation only occurs if they convince another user to visit or interact with that content.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> <p><strong>There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?</strong></p> <p>Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.</p> Microsoft Office SharePoint Microsoft Yes CVE-2026-20945 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 10950 11585 11961 Spoofing 10950 Spoofing 11585 Spoofing 11961 Important 10950 Important 11585 Important 11961 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 10950 4.6 4.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 11585 4.6 4.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 11961 5002861 https://www.microsoft.com/en-us/download/details.aspx?id=108611 5002850 10950 Maybe Security Update 16.0.5548.1003 https://support.microsoft.com/help/5002861 10950 5002861 5002862 https://www.microsoft.com/en-us/download/details.aspx?id=108604 5002851 10950 Maybe Security Update 16.0.5548.1003 https://support.microsoft.com/help/5002862 10950 5002862 5002854 https://www.microsoft.com/en-us/download/details.aspx?id=108608 5002845 11585 Maybe Security Update 16.0.10417.20114 https://support.microsoft.com/help/5002854 11585 5002854 5002856 https://www.microsoft.com/en-us/download/details.aspx?id=108605 5002847 11585 Maybe Security Update 16.0.10417.20114 https://support.microsoft.com/help/5002856 11585 5002856 5002853 https://www.microsoft.com/en-us/download/details.aspx?id=108607 5002843 11961 Maybe Security Update 16.0.19725.20210 https://support.microsoft.com/help/5002853 11961 5002853 Felix B. 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability <p>Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass the Virtualization‑Based Security (VBS) feature, specifically the Virtual Secure Mode (VSM) isolation between Virtual Trust Level 0 (VTL0) and Virtual Trust Level 1 (VTL1). This could allow a compromised Windows kernel to modify memory belonging to the secure kernel, breaking the intended isolation guarantees provided by VBS.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.</p> Windows Virtualization-Based Security (VBS) Enclave Microsoft Yes CVE-2026-23670 Untrusted Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20854 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20853 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11568 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11569 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11929 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11930 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11931 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12097 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12098 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12099 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20437 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20438 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12242 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12243 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12389 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12390 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10852 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10853 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Sam Collins, University of Birmingham in collaboration with Prof Tom Chothia and Dr Marius Muench 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Power Apps Desktop Client Spoofing Vulnerability <p>Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R) and privileges required are Low (PR:L). What does that mean for this vulnerability?</strong></p> <p>A user must interact with a malicious Power Apps canvas app, such as by opening or using it. Additionally, an attacker only needs basic capabilities to create or share a Power App; they do not need administrative access.</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could create a malicious Power Apps canvas app that includes an external protocol link disguised with leading whitespace. When a user opens the app, the resulting warning dialog may appear incomplete or misleading. If the user proceeds, the app could trigger an external protocol call that performs unintended actions on the user’s device.</p> Microsoft Power Apps Microsoft Yes CVE-2026-26149 Improper Neutralization of Escape, Meta, or Control Sequences 16748 Spoofing 16748 Important 16748 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 9.0 7.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C 16748 Release Notes https://apps.microsoft.com/detail/9mvc8p1q3b29?hl=en-US&gl=US 16748 Maybe Security Update 3.26032.10.0 https://apps.microsoft.com/detail/9mvc8p1q3b29?hl=en-US&gl=US 16748 Release Notes <a href="https://www.linkedin.com/in/alasdair-gorniak/">Alasdair Gorniak</a> with <a href="https://delta.cyberm.ca/">Delta Obscura</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> 2.1 2026-04-27T07:00:00 2.0 2026-04-20T07:00:00 Remote Desktop Spoofing Vulnerability <p>Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could view sensitive information, (Confidentiality), and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.</p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the vulnerability.</p> <p>In any case an attacker would have no way to force a user to view attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could entice a user to either click a link that directs the user to the attacker's site or send a malicious attachment.</p> <p><strong>Where can I finder more information about this update</strong></p> <p>Starting with the April 2026 security update, the Remote Desktop Connection app shows new security warnings when you open RDP files. This article explains what these warnings mean and how to respond to them safely: <a href="https://go.microsoft.com/fwlink/?linkid=2347342">https://go.microsoft.com/fwlink/?linkid=2347342</a></p> Windows Remote Desktop Microsoft Yes CVE-2026-26151 Insufficient UI Warning of Dangerous Operations 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Spoofing 20854 Spoofing 20853 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20854 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20853 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11568 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11569 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11571 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11572 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11923 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11924 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11929 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11930 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11931 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12097 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12098 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12099 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12437 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20437 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20438 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12242 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12243 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12244 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12389 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12390 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12436 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10852 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10853 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10816 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10855 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10378 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10379 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10483 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 The UK's National Cyber Security Centre (NCSC) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Server Update Service (WSUS) Tampering Vulnerability <p>Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of availability (A:H). What does that mean for this vulnerability?</strong></p> <p>An attacker can send specially crafted packets which could affect availability of the service and result in Denial of Service (DoS).</p> Windows Server Update Service Microsoft Yes CVE-2026-26154 Improper Input Validation 11571 11572 11923 11924 12437 12244 12436 10816 10855 10378 10379 10483 10543 Tampering 11571 Tampering 11572 Tampering 11923 Tampering 11924 Tampering 12437 Tampering 12244 Tampering 12436 Tampering 10816 Tampering 10855 Tampering 10378 Tampering 10379 Tampering 10483 Tampering 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 f7d8c52bec79e42795cf15888b85cbad 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.</p> Windows Local Security Authority Subsystem Service (LSASS) Microsoft Yes CVE-2026-26155 Buffer Over-read 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Howard McGreehan with MSRC V&M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Licensing Service Elevation of Privilege Vulnerability <p>Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Remote Desktop Licensing Service Microsoft Yes CVE-2026-26160 Missing Authentication for Critical Function 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Howard McGreehan with MSRC V&M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Sensor Data Service Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Sensor Data Service Microsoft Yes CVE-2026-26161 Untrusted Pointer Dereference Improper Input Validation 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/arudd1ck">Andrew Ruddick</a> with Microsoft Red Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows OLE Elevation of Privilege Vulnerability <p>Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows OLE Microsoft Yes CVE-2026-26162 Access of Resource Using Incompatible Type ('Type Confusion') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Hart Wilson with <a href="https://www.microsoft.com/">Microsoft</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Elevation of Privilege Vulnerability <p>Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Shell Microsoft Yes CVE-2026-26165 Use After Free 20854 20853 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Elevation of Privilege Vulnerability <p>Double free in Windows Shell allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Shell Microsoft Yes CVE-2026-26166 Double Free 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows Push Notifications Microsoft Yes CVE-2026-26167 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 <a href="https://x.com/h4urek">h4urek</a> with <a href="https://secsys.fudan.edu.cn/">secsys lab</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that the target system be set up in a specific manner and the attacker to have knowledge of that setup.</p> Windows Server Update Service Microsoft Yes CVE-2026-26174 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Boot Manager Security Feature Bypass Vulnerability <p>Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass Secure Boot.</p> Windows Boot Manager Microsoft Yes CVE-2026-26175 Use of Uninitialized Resource 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Kernel Microsoft Yes CVE-2026-26179 Double Free 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 fastfail working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Kernel Microsoft Yes CVE-2026-26180 Heap-based Buffer Overflow 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Jason Lin 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Brokering File System Elevation of Privilege Vulnerability <p>Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft Brokering File System Microsoft Yes CVE-2026-26181 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 hazard 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability <p>Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows RPC API Microsoft Yes CVE-2026-26183 Improper Access Control 11571 11572 11923 11924 12437 12244 12436 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 12244 Elevation of Privilege 12436 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/ecthr0s">George Hughey</a> with MSRC Vulnerabilities &amp; Mitigations 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hello Security Feature Bypass Vulnerability <p>Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>This vulnerability could allow an attacker with administrative control of the operating system to bypass protection mechanisms that rely on trusted, non‑rollback TPM counters. Specifically, it could undermine Windows Hello’s safeguards that prevent reuse of pre‑generated authentication keys and Recall’s protections against loading older, potentially tampered‑with settings.</p> Windows Hello Microsoft Yes CVE-2026-27906 Improper Input Validation 11929 11930 11931 12097 12098 12099 20437 20438 12242 12243 12389 12390 20854 20853 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 20854 Security Feature Bypass 20853 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12389 Important 12390 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Nate Jones with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Storage Spaces Controller Elevation of Privilege Vulnerability <p>Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Storage Spaces Controller Microsoft Yes CVE-2026-27907 Integer Underflow (Wrap or Wraparound) 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Kang Minchae with Best of Best 14th Team JUSTWIN (Kim Dowon, Kang Minju, Kim Donggeon, Wi Siyeon, Yoon Junghyun) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability <p>Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows TDI Translation Driver (tdx.sys) Microsoft Yes CVE-2026-27908 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploits this vulnerability could gain access to a limited set of administrator-protected objects.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27915 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability <p>Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Microsoft Yes CVE-2026-27917 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Shell Microsoft Yes CVE-2026-27918 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 [h4urek](https://x.com/h4urek) with [secsys lab](https://security.fudan.edu.cn/) [h4urek](https://x.com/h4urek) with [secsys lab](https://security.fudan.edu.cn/) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27919 Untrusted Pointer Dereference 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows TCP/IP Microsoft Yes CVE-2026-27921 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-27924 Use After Free 11923 11924 11929 11930 11931 12097 12098 12099 12242 12243 12244 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12242 Important 12243 Important 12244 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 Varun Goel 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Cloud Files Mini Filter Driver Microsoft Yes CVE-2026-27926 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11572 11569 11568 11571 11924 11923 11929 11930 11931 12097 12098 12437 12099 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11572 Elevation of Privilege 11569 Elevation of Privilege 11568 Elevation of Privilege 11571 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11572 Important 11569 Important 11568 Important 11571 Important 11924 Important 11923 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12437 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11572 11569 11568 11571 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11572 11569 11568 11571 5082123 5082123 https://support.microsoft.com/help/5082123 11572 11569 11568 11571 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-27927 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11924 11923 11568 11929 11930 11569 11931 12097 11572 11571 12098 12099 12437 20437 12243 20438 12242 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11568 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11569 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 11572 Elevation of Privilege 11571 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 12243 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11924 Important 11923 Important 11568 Important 11929 Important 11930 Important 11569 Important 11931 Important 12097 Important 11572 Important 11571 Important 12098 Important 12099 Important 12437 Important 20437 Important 12243 Important 20438 Important 12242 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11572 11571 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11572 11571 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11572 11571 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12243 12242 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12243 12242 5082052 5082052 https://support.microsoft.com/help/5082052 12243 12242 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability <p>Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows LUAFV Microsoft Yes CVE-2026-27929 Time-of-check Time-of-use (TOCTOU) Race Condition 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/dark_puzzle">Souhail Hammou</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows GDI Information Disclosure Vulnerability <p>Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>This vulnerability may allow an attacker to access small portions of memory from the affected application when it processes a specially crafted Enhanced Metafile (EMF). This issue is an out‑of‑bounds read, any disclosure would be limited to whatever data happens to reside in adjacent memory at the time.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>The user would have to open or preview content that contains the malicious Enhanced Metafile (EMF).</p> Windows GDI Microsoft Yes CVE-2026-27931 Out-of-bounds Read 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 20854 Information Disclosure 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 xina1i@psbc 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability <p>Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.</p> Windows Local Security Authority Subsystem Service (LSASS) Microsoft Yes CVE-2026-32071 NULL Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Denial of Service 20854 Denial of Service 20853 Denial of Service 11568 Denial of Service 11569 Denial of Service 11571 Denial of Service 11572 Denial of Service 11923 Denial of Service 11924 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 12097 Denial of Service 12098 Denial of Service 12099 Denial of Service 12437 Denial of Service 20437 Denial of Service 20438 Denial of Service 12242 Denial of Service 12243 Denial of Service 12244 Denial of Service 12389 Denial of Service 12390 Denial of Service 12436 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12097 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12098 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12099 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20438 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12242 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12243 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12389 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12390 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Howard McGreehan with MSRC V&amp;M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-32073 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>A high attack complexity means that successful exploitation is complex and time‑consuming, requiring significant effort and precise conditions for an attacker to reliably exploit the vulnerability.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-32075 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Package Catalog Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained (&quot;sandboxed&quot;) execution environment.</p> <p>Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows File Explorer Microsoft Yes CVE-2026-32081 Exposure of Sensitive Information to an Unauthorized Actor 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows SSDP Service Microsoft Yes CVE-2026-32082 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows SSDP Service Microsoft Yes CVE-2026-32083 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Procedure Call Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.</p> Windows Remote Procedure Call Microsoft Yes CVE-2026-32085 Exposure of Sensitive Information to an Unauthorized Actor 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32087 Heap-based Buffer Overflow 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Speech Brokered Api Elevation of Privilege Vulnerability <p>Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Speech Brokered Api Microsoft Yes CVE-2026-32089 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Speech Brokered Api Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Speech Brokered Api Microsoft Yes CVE-2026-32090 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32093 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Time-of-check Time-of-use (TOCTOU) Race Condition Heap-based Buffer Overflow 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-32152 Use After Free 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-32154 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Remote Code Execution Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-32156 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Remote Code Execution 20854 Remote Code Execution 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Client Remote Code Execution Vulnerability <p>Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.</p> <p><strong>According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?</strong></p> <p>This attack requires an authorized user on the client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with a vulnerable Remote Desktop Client.</p> Remote Desktop Client Microsoft Yes CVE-2026-32157 Use After Free 20854 20853 12457 11568 11569 11571 11572 11849 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 12457 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11849 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Critical 20854 Critical 20853 Critical 12457 Critical 11568 Critical 11569 Critical 11571 Critical 11572 Critical 11849 Critical 11923 Critical 11924 Critical 11929 Critical 11930 Critical 11931 Critical 12097 Critical 12098 Critical 12099 Critical 12437 Critical 20437 Critical 20438 Critical 12242 Critical 12243 Critical 12244 Critical 12389 Critical 12390 Critical 12436 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Critical 10378 Critical 10379 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12457 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11849 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Release Notes https://learn.microsoft.com/en-us/windows-app/whats-new?toc=admins%2Ftoc.json&tabs=windows 12457 11849 Maybe Security Update 2.0.1070.0 https://learn.microsoft.com/en-us/windows-app/whats-new?toc=admins%2Ftoc.json&tabs=windows 12457 11849 Release Notes 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 pwn2addr 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Push Notifications Microsoft Yes CVE-2026-32158 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Yun Cong with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.</p> Windows Push Notifications Microsoft Yes CVE-2026-32159 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Yun Cong with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.</p> Windows Push Notifications Microsoft Yes CVE-2026-32160 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Yun Cong with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> UEFI Secure Boot Security Feature Bypass Vulnerability <p>Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>The authentication feature could be bypassed as this vulnerability allows impersonation.</p> Windows Boot Loader Microsoft Yes CVE-2026-0390 Reliance on Untrusted Inputs in a Security Decision 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 10852 10853 10816 10855 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 <a href="https://x.com/alon_leviev">Alon Leviev</a> with Microsoft (STORM) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> Windows User Interface Core Microsoft Yes CVE-2026-32165 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> SQL Server Elevation of Privilege Vulnerability <p>Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SQL sysadmin privileges.</p> <p><strong>I am running SQL Server on my system. What action do I need to take?</strong></p> <p>Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.</p> <p><strong>There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?</strong></p> <ul> <li>First, determine your SQL Server version number. For more information on determining your SQL Server version number, see <a href="https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates">Microsoft Knowledge Base Article 321185</a> - How to determine the version, edition, and update level of SQL Server and its components.</li> <li>Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.</li> </ul> <p><strong>Note</strong> If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.</p> <table> <thead> <tr> <th>Update Number</th> <th>Title</th> <th>Version</th> <th>Apply if current product version is…</th> <th>This security update also includes servicing releases up through…</th> </tr> </thead> <tbody> <tr> <td><strong>5083245</strong></td> <td>Security update for SQL Server 2025 CU3+GDR</td> <td>17.0.4030.1</td> <td>17.0.4006.2 - 17.0.4025.3</td> <td>KB5077896 - Previous SQL2025 RTM CU3</td> </tr> <tr> <td><strong>5084814</strong></td> <td>Security update for SQL Server 2025 RTM+GDR</td> <td>17.0.1110.1</td> <td>17.0.1000.7 - 17.0.1105.2</td> <td>KB5077468 - Previous SQL2025 RTM GDR</td> </tr> <tr> <td><strong>5083252</strong></td> <td>Security update for SQL Server 2022 CU24+GDR</td> <td>16.0.4250.1</td> <td>16.0.4003.1 - 16.0.4245.2</td> <td>KB5080999 - Previous SQL2022 RTM CU24</td> </tr> <tr> <td><strong>5084815</strong></td> <td>Security update for SQL Server 2022 RTM+GDR</td> <td>16.0.1175.1</td> <td>16.0.1000.6 - 16.0.1170.5</td> <td>KB5077465 - Previous SQL2022 RTM GDR</td> </tr> <tr> <td><strong>5084816</strong></td> <td>Security update for SQL Server 2019 CU32+GDR</td> <td>15.0.4465.1</td> <td>15.0.4003.23 - 15.0.4460.4</td> <td>KB 5077469 - Previous SQL2019 RTM CU32 GDR</td> </tr> <tr> <td><strong>5084817</strong></td> <td>Security update for SQL Server 2019 RTM+GDR</td> <td>15.0.2165.1</td> <td>15.0.2000.5 - 15.0.2160.4</td> <td>KB 5077470 - Previous SQL2019 RTM GDR</td> </tr> <tr> <td><strong>5084818</strong></td> <td>Security update for SQL Server 2017 CU31+GDR</td> <td>14.0.3525.1</td> <td>14.0.3006.16 - 14.0.3520.4</td> <td>KB 5077471 - Previous SQL2017 RTM CU31 GDR</td> </tr> <tr> <td><strong>5084819</strong></td> <td>Security update for SQL Server 2017 RTM+GDR</td> <td>14.0.2105.1</td> <td>14.0.1000.169 - 14.0.2100.4</td> <td>KB 5077472 - Previous SQL2017 RTM GDR</td> </tr> <tr> <td><strong>5084820</strong></td> <td>Security update for SQL Server 2016 Azure Connect Feature Pack+GDR</td> <td>13.0.7080.1</td> <td>13.0.7000.253 - 13.0.7075.5</td> <td>KB 5077473 - Previous SQL2016 Azure Connect Feature Pack GDR</td> </tr> <tr> <td><strong>5084821</strong></td> <td>Security update for SQL Server 2016 SP3+GDR</td> <td>13.0.6485.1</td> <td>13.0.6300.2 - 13.0.6480.4</td> <td>KB 5077474 - Previous SQL2016 RTM GDR</td> </tr> </tbody> </table> <p><strong>What are the GDR and CU update designations and how do they differ?</strong></p> <p>The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.</p> <ul> <li>GDR updates – cumulatively only contain security updates for the given baseline.</li> <li>CU updates – cumulatively contain all functional fixes and security updates for the given baseline.</li> </ul> <p>For any given baseline, either the GDR or CU updates could be options (see below).</p> <ul> <li>If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.</li> <li>If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.</li> <li>If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.</li> </ul> <p><strong>Note:</strong> You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.</p> <p><strong>Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?</strong></p> <p>Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.</p> SQL Server Microsoft Yes CVE-2026-32167 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 21090 21091 11478 11821 12048 12053 12147 12145 20748 16785 Elevation of Privilege 21090 Elevation of Privilege 21091 Elevation of Privilege 11478 Elevation of Privilege 11821 Elevation of Privilege 12048 Elevation of Privilege 12053 Elevation of Privilege 12147 Elevation of Privilege 12145 Elevation of Privilege 20748 Elevation of Privilege 16785 Important 21090 Important 21091 Important 11478 Important 11821 Important 12048 Important 12053 Important 12147 Important 12145 Important 20748 Important 16785 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21090 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21091 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11478 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11821 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12048 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12053 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12147 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12145 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20748 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16785 5083245 https://www.microsoft.com/en-us/download/details.aspx?id=108618 21090 Maybe Security Update 17.0.4030.1 https://support.microsoft.com/help/5083245 21090 5083245 5083252 https://www.microsoft.com/en-us/download/details.aspx?id=108620 21091 Maybe Security Update 16.0.4250.1 https://support.microsoft.com/help/5083252 21091 5083252 5084819 https://www.microsoft.com/en-us/download/details.aspx?id=108621 11478 Maybe Security Update 14.0.2105.1 https://support.microsoft.com/help/5084819 11478 5084819 5084817 https://www.microsoft.com/en-us/download/details.aspx?id=108619 11821 Maybe Security Update 15.0.2165.1 https://support.microsoft.com/help/5084817 11821 5084817 5084821 https://www.microsoft.com/en-us/download/details.aspx?id=108617 12048 Maybe Security Update 13.0.6485.1 https://support.microsoft.com/help/5084821 12048 5084821 5084820 https://www.microsoft.com/en-us/download/details.aspx?id=108624 12053 Maybe Security Update 13.0.7080.1 https://support.microsoft.com/help/5084820 12053 5084820 5084815 https://www.microsoft.com/en-us/download/details.aspx?id=108622 12147 Maybe Security Update 16.0.1175.1 https://support.microsoft.com/help/5084815 12147 5084815 5084818 https://www.microsoft.com/en-us/download/details.aspx?id=108623 12145 Maybe Security Update 14.0.3525.1 https://support.microsoft.com/help/5084818 12145 5084818 5084814 https://www.microsoft.com/en-us/download/details.aspx?id=108625 20748 Maybe Security Update 17.0.1110.1 https://support.microsoft.com/help/5084814 20748 5084814 5084816 https://www.microsoft.com/en-us/download/details.aspx?id=108626 16785 Maybe Security Update 15.0.4465.1 https://support.microsoft.com/help/5084816 16785 5084816 Dimitri Furman with Microsoft Dimitri Furman with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Azure Monitor Agent Elevation of Privilege Vulnerability <p>Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could an attacker gain with successful exploitation?</strong></p> <p>An attacker who successfully exploited the vulnerability could elevate their privileges to 'root' user.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker with the ability to run code as the syslog user on an affected Azure Linux Virtual Machine could modify specific configuration files used by the Azure Monitor agent. The agent processes these files with root‑level permissions and does not properly validate their contents, a malicious modification could cause the agent to execute unintended commands with elevated privileges. If exploited, the attacker could gain root access on the affected VM.</p> Azure Monitor Agent Microsoft Yes CVE-2026-32168 Improper Input Validation 12331 Elevation of Privilege 12331 Important 12331 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12331 Release Notes https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-cli 12331 No Security Update 1.35.9 https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-extension-versions 12331 Release Notes P1hcn 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET Spoofing Vulnerability <p>Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.</p> .NET Microsoft Yes CVE-2026-32178 Improper Neutralization of Special Elements 12459 16767 20837 20838 20839 12260 12415 12414 12416 12432 12434 12433 Spoofing 12459 Spoofing 16767 Spoofing 20837 Spoofing 20838 Spoofing 20839 Spoofing 12260 Spoofing 12415 Spoofing 12414 Spoofing 12416 Spoofing 12432 Spoofing 12434 Spoofing 12433 Important 12459 Important 16767 Important 20837 Important 20838 Important 20839 Important 12260 Important 12415 Important 12414 Important 12416 Important 12432 Important 12434 Important 12433 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12459 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 16767 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20837 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12260 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12434 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12433 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20837 20838 20839 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20837 20838 20839 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12260 12415 12414 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12260 12415 12414 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12434 12433 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12434 12433 5086097 Ludvig Pedersen 1.0 2026-04-14T07:00:00 <p>Information published.</p> Connected User Experiences and Telemetry Service Denial of Service Vulnerability <p>Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.</p> Microsoft Windows Microsoft Yes CVE-2026-32181 Improper Privilege Management 20854 20853 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Denial of Service 20854 Denial of Service 20853 Denial of Service 11923 Denial of Service 11924 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 12097 Denial of Service 12098 Denial of Service 12099 Denial of Service 12437 Denial of Service 20437 Denial of Service 20438 Denial of Service 12242 Denial of Service 12243 Denial of Service 12244 Denial of Service 12389 Denial of Service 12390 Denial of Service 12436 Important 20854 Important 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/h4urek">h4urek</a> with <a href="https://secsys.fudan.edu.cn/">secsys lab</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability <p>Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>What do customers need to do to mitigate this vulnerability?</strong></p> <p>Customers should install the latest security update for <strong>HPC Pack 2019 Update 3</strong> on affected systems. Microsoft has released HPC Pack 2019 Update 3 Fixes (<strong>Build 6.3.8355</strong>), which includes all previously released fixes for this vulnerability. Customers running HPC Pack 2019 Update 3 can apply this update directly, regardless of whether earlier fixes were installed. Customers using earlier versions of HPC Pack must first upgrade to HPC Pack 2019 Update 3 (Build 6.3.8328) before applying the fix. HPC Pack 2016 is not supported for this update; customers using that version must migrate to HPC Pack 2019 Update 3 to be protected. This update applies <strong>only to head nodes</strong> and updates a limited set of binaries related to the HPC Scheduler and Management services. Other node types are not affected and do not require action.</p> <p><strong>Is a fix available for HPC Pack 2016?</strong></p> <p>No. There are no QFE updates available for HPC Pack 2016. Customers using HPC Pack 2016 must migrate to HPC Pack 2019 Update 3 and then apply the available QFE to receive the fix.</p> <p><strong>Do I need to apply the QFE to all nodes in an HPC Pack cluster?</strong></p> <p>No. The QFE only needs to be applied to the head nodes of the HPC Pack cluster. Compute nodes are not affected and do not require the update.</p> Microsoft High Performance Compute Pack (HPC) Microsoft Yes CVE-2026-32184 Deserialization of Untrusted Data 12455 Elevation of Privilege 12455 Important 12455 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12455 Release Notes https://www.microsoft.com/en-us/download/details.aspx?id=108564 12455 No Security Update 6.3.8355 https://github.com/Azure/hpcpack/blob/master/CHANGELOG.md#hpc-pack-2019-update-3-qfe-kb5081004-638355---2212026 12455 Release Notes Long Zhang Long Zhang 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Information Disclosure Vulnerability <p>Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32188 Out-of-bounds Read 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Information Disclosure 10836 Information Disclosure 11573 Information Disclosure 11574 Information Disclosure 11762 Information Disclosure 11763 Information Disclosure 11951 Information Disclosure 11952 Information Disclosure 11953 Information Disclosure 12420 Information Disclosure 12421 Information Disclosure 12440 Information Disclosure 10739 Information Disclosure 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 10836 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11573 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11574 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11762 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11763 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11951 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11952 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11953 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 12420 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 12421 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 12440 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 10739 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 <a href="https://x.com/dnpushme">f4 &amp; Zhiniang Peng with HUST</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32189 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 Quan Jin with DBAPPSecurity WeBin Lab 1.0 2026-04-14T07:00:00 <p>Information published.</p> Azure Monitor Agent Elevation of Privilege Vulnerability <p>Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Azure Monitor Agent Microsoft Yes CVE-2026-32192 Deserialization of Untrusted Data 12331 Elevation of Privilege 12331 Important 12331 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12331 Release Notes https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-portal 12331 Maybe Security Update 1.41.0 https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-extension-versions 12331 Release Notes P1hcn 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Kernel Microsoft Yes CVE-2026-32195 Stack-based Buffer Overflow 20854 20853 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://linkedin.com/in/jongseongkim">Jongseong Kim (nevul37), SEC-agent team</a> <a href="https://linkedin.com/in/hwiwonlee">Hwiwon Lee (hwiwonl), SEC-agent team</a> Gwanhyun Lee Dongjun Kim Anonymous <a href="https://x.com/x0rb1ts">0rb1t</a> with <a href="http://www.0rb1t.top/">None</a> <a href="https://github.com/qanux">Qanux</a> with None 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Spoofing Vulnerability <p>Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker would have to send the victim a malicious file that the victim would have to execute.</p> Windows Shell Microsoft Yes CVE-2026-32202 Protection Mechanism Failure 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Spoofing 20854 Spoofing 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11568 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11569 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11571 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11572 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11923 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11924 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11929 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11930 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 11931 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12097 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12098 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12099 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12437 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 20437 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 20438 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12242 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12243 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12244 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12389 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12390 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 12436 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10852 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10853 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10816 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10855 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10378 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10379 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10483 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 10543 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 20854 4.3 4.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://www.linkedin.com/in/maorisio/">Maor Dahan</a> with <a href="https://www.akamai.com/blog/security-research">Akamai</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-27T07:00:00 <p>Corrected the Exploitability Index, Exploited flag and CVSS vector which was incorrect at the time of publication on 4/14/2026. This is an informational change only.</p> Windows Kernel Information Disclosure Vulnerability <p>Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.</p> Windows Kernel Microsoft Yes CVE-2026-32215 Insertion of Sensitive Information into Log File 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 MasterOogway 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Redirected Drive Buffering System Denial of Service Vulnerability <p>Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.</p> Windows Redirected Drive Buffering Microsoft Yes CVE-2026-32216 NULL Pointer Dereference 20854 20853 Denial of Service 20854 Denial of Service 20853 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://bsky.app/profile/hexnomad.bsky.social">Erik Egsgard</a> with <a href="https://fieldeffect.com/">Field Effect</a> Xinyu Yu with Tsinghua University <a href="https://zhangshuqiao.org/">Shuqiao Zhang</a> with Tsinghua University ziiiro 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Information Disclosure Vulnerability <p>Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of kernel memory could be potentially leveraged by an attacker for other malicious activities.</p> Windows Kernel Microsoft Yes CVE-2026-32217 Insertion of Sensitive Information into Log File 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 MasterOogway 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Information Disclosure Vulnerability <p>Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of kernel memory could be potentially leveraged by an attacker for other malicious activities.</p> Windows Kernel Microsoft Yes CVE-2026-32218 Insertion of Sensitive Information into Log File 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 20854 Information Disclosure 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 MasterOogway 1.0 2026-04-14T07:00:00 <p>Information published.</p> AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability <p>The vulnerability assigned to this CVE could lead to corruption of guest encrypted memory. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.</p> <p>Please see the following for more information:</p> <ul> <li>[https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3016.html]</li> </ul> Input-Output Memory Management Unit (IOMMU) AMD Yes CVE-2023-20585 12437 20438 12390 12436 Tampering 12437 Tampering 20438 Tampering 12390 Tampering 12436 Important 12437 Important 20438 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 12437 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 20438 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 12390 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 12436 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20438 12390 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12390 5083769 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Brokering File System Elevation of Privilege Vulnerability <p>Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft Brokering File System Microsoft Yes CVE-2026-32219 Double Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 12437 20437 20438 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 hazard 1.0 2026-04-14T07:00:00 <p>Information published.</p> UEFI Secure Boot Security Feature Bypass Vulnerability <p>Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass the <a href="https://learn.microsoft.com/windows-hardware/design/device-experiences/oem-vbs">Virtualization-based Security</a> feature.</p> Windows Virtualization-Based Security (VBS) Enclave Microsoft Yes CVE-2026-32220 Improper Access Control 20854 20853 12437 20437 20438 12389 12390 12436 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Important 20854 Important 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20854 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20853 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12437 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20437 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20438 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12389 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12390 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Graphics Component Remote Code Execution Vulnerability <p>Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> Microsoft Graphics Component Microsoft Yes CVE-2026-32221 Heap-based Buffer Overflow 12437 20437 20438 12389 12390 12436 20854 20853 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 20854 Remote Code Execution 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Win32k Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Win32K - ICOMP Microsoft Yes CVE-2026-32222 Untrusted Pointer Dereference 20854 20853 12437 20437 20438 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows USB Print Driver Microsoft Yes CVE-2026-32223 Heap-based Buffer Overflow 12437 20437 20438 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Jongseong Kim (nevul37) working with ENKI Whitehat <a href="https://x.com/h4urek">hao huang</a> with <a href="https://secsys.fudan.edu.cn/">Fudan University secsys lab</a> Thanatos Tian &amp; @2st__ with Diffract &amp; Zhiniang Peng with HUST Dongjun Kim (smiljun), working with ENKI WhiteHat <a href="https://x.com/_patchpoint_">Donghyeon Oh</a> with <a href="https://patchpoint.io/">Patchpoint</a> Jonghoi Kim 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-16T07:00:00 <p>Acknowledgement added. This is an informational change only.</p> 1.3 2026-04-21T07:00:00 <p>Acknowledgement added. This is an informational change only.</p> Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability <p>Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that the target system be set up in a specific manner and the attacker to have knowledge of that setup.</p> Windows Server Update Service Microsoft Yes CVE-2026-32224 Use After Free 20854 20853 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> Microsoft Office Word Microsoft Yes CVE-2026-33095 Use After Free 11762 11763 11951 11952 11953 12420 12421 12440 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes Haifei Li with <a href="https://pub.expmon.com/">EXPMON</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> HTTP.sys Denial of Service Vulnerability <p>Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.</p> Windows HTTP.sys Microsoft Yes CVE-2026-33096 Out-of-bounds Read 20854 20853 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 Denial of Service 20854 Denial of Service 20853 Denial of Service 11923 Denial of Service 11924 Denial of Service 12437 Denial of Service 20437 Denial of Service 20438 Denial of Service 12242 Denial of Service 12243 Denial of Service 12244 Denial of Service 12389 Denial of Service 12390 Denial of Service 12436 Important 20854 Important 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20438 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12242 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12243 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12389 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12390 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <p><a href="https://www.microsoft.com/en-us/msrc/glossary#Mitigation">Mitigation</a> refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability.</p> <p><strong>The following mitigating factors might help in your situation:</strong></p> <p><strong>Caution</strong> Follow these steps carefully. Serious problems might occur if you modify the registry incorrectly.</p> <p>To disable HTTP/3, remove the following registry values from the specified key:</p> <ol> <li>Open Registry Editor (regedit.exe).</li> <li>Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters.</li> <li>Back up the key: select <strong>Parameters</strong>, then select <strong>File</strong> &gt; <strong>Export</strong>, and save the .reg file to a secure location.</li> <li>If present, delete the <strong>EnableHttp3</strong> value.</li> <li>If present, delete the <strong>EnableAltSvc</strong> value.</li> <li>Restart the device after making these changes.</li> </ol> <p>After the restart, all http.sys-based server applications on that device will no longer serve HTTP/3 clients.</p> <p>Note: If either value is not present, no change is required for that value.</p> <p><strong>Restore:</strong> To undo this change, double-click the exported .reg file (or in Registry Editor, select <strong>File</strong> &gt; <strong>Import</strong>) to restore the previous settings.</p> <p>After you install the security update, you no longer need this mitigation.</p> WARP & MORSE teams at Microsoft Milad Nasr (Anthropic) and Calif.io with Claude WARP & MORSE teams at Microsoft Milad Nasr (Anthropic) and Calif.io with Claude 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability <p>Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Container Isolation FS Filter Driver Microsoft Yes CVE-2026-33098 Use After Free 11572 11924 11569 11571 11923 11929 11930 11931 12097 12099 20437 20438 12437 12098 12242 12243 11568 12244 12390 12389 12436 20854 20853 10852 10853 10816 10855 Elevation of Privilege 11572 Elevation of Privilege 11924 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11923 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12437 Elevation of Privilege 12098 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 11568 Elevation of Privilege 12244 Elevation of Privilege 12390 Elevation of Privilege 12389 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11572 Important 11924 Important 11569 Important 11571 Important 11923 Important 11929 Important 11930 Important 11931 Important 12097 Important 12099 Important 20437 Important 20438 Important 12437 Important 12098 Important 12242 Important 12243 Important 11568 Important 12244 Important 12390 Important 12389 Important 12436 Important 20854 Important 20853 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11572 11569 11571 11568 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11572 11569 11571 11568 5082123 5082123 https://support.microsoft.com/help/5082123 11572 11569 11571 11568 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12099 12098 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12099 12098 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12099 12098 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12390 12389 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12390 12389 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12390 12389 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability <p>Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.</p> .NET, .NET Framework, Visual Studio Microsoft Yes CVE-2026-33116 Loop with Unreachable Exit Condition ('Infinite Loop') Uncontrolled Resource Consumption Improper Input Validation 20838 20839 12260 12414 12415 12432 12416 12434 12433 11650-10852 11650-10853 11650-10378 11650-10379 11650-10483 11650-10543 11676-11568 11676-11569 11676-11570 11676-11923 11676-11924 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 11677-11568 11677-11569 11677-11570 11863-10378 11863-10379 11863-10483 11863-10543 12079-11923 12079-11924 12079-11929 12079-11930 12079-11931 12079-12085 12079-12086 12079-12097 12079-12098 12079-12099 12079-20437 12079-20438 12079-12242 12079-12243 12079-12244 12079-12389 12079-12390 2472-10378 2472-10379 2472-10483 2472-10543 12079-12436 12079-20854 12079-12437 12079-21196 Denial of Service 20838 Denial of Service 20839 Denial of Service 12260 Denial of Service 12414 Denial of Service 12415 Denial of Service 12432 Denial of Service 12416 Denial of Service 12434 Denial of Service 12433 Denial of Service 11650-10852 Denial of Service 11650-10853 Denial of Service 11650-10378 Denial of Service 11650-10379 Denial of Service 11650-10483 Denial of Service 11650-10543 Denial of Service 11676-11568 Denial of Service 11676-11569 Denial of Service 11676-11570 Denial of Service 11676-11923 Denial of Service 11676-11924 Denial of Service 11676-11929 Denial of Service 11676-11930 Denial of Service 11676-11931 Denial of Service 11676-12097 Denial of Service 11676-12098 Denial of Service 11676-12099 Denial of Service 11677-11568 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 11863-10378 Denial of Service 11863-10379 Denial of Service 11863-10483 Denial of Service 11863-10543 Denial of Service 12079-11923 Denial of Service 12079-11924 Denial of Service 12079-11929 Denial of Service 12079-11930 Denial of Service 12079-11931 Denial of Service 12079-12085 Denial of Service 12079-12086 Denial of Service 12079-12097 Denial of Service 12079-12098 Denial of Service 12079-12099 Denial of Service 12079-20437 Denial of Service 12079-20438 Denial of Service 12079-12242 Denial of Service 12079-12243 Denial of Service 12079-12244 Denial of Service 12079-12389 Denial of Service 12079-12390 Denial of Service 2472-10378 Denial of Service 2472-10379 Denial of Service 2472-10483 Denial of Service 2472-10543 Denial of Service 12079-12436 Denial of Service 12079-20854 Denial of Service 12079-12437 Denial of Service 12079-21196 Important 20838 Important 20839 Important 12260 Important 12414 Important 12415 Important 12432 Important 12416 Important 12434 Important 12433 Important 11650-10852 Important 11650-10853 Important 11650-10378 Important 11650-10379 Important 11650-10483 Important 11650-10543 Important 11676-11568 Important 11676-11569 Important 11676-11570 Important 11676-11923 Important 11676-11924 Important 11676-11929 Important 11676-11930 Important 11676-11931 Important 11676-12097 Important 11676-12098 Important 11676-12099 Important 11677-11568 Important 11677-11569 Important 11677-11570 Important 11863-10378 Important 11863-10379 Important 11863-10483 Important 11863-10543 Important 12079-11923 Important 12079-11924 Important 12079-11929 Important 12079-11930 Important 12079-11931 Important 12079-12085 Important 12079-12086 Important 12079-12097 Important 12079-12098 Important 12079-12099 Important 12079-20437 Important 12079-20438 Important 12079-12242 Important 12079-12243 Important 12079-12244 Important 12079-12389 Important 12079-12390 Important 2472-10378 Important 2472-10379 Important 2472-10483 Important 2472-10543 Important 12079-12436 Important 12079-20854 Important 12079-12437 Important 12079-21196 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12260 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12434 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12433 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12097 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12098 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12099 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12085 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12086 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12097 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12098 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12099 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20438 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12242 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12243 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12389 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12390 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12436 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20854 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-21196 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20838 20839 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20838 20839 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12260 12414 12415 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12260 12414 12415 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12434 12433 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12434 12433 5086097 5082411 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082411 11650-10852 11650-10853 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082411 11650-10852 11650-10853 5082411 5082403 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082403 11650-10378 11650-10379 11650-10483 11650-10543 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082403 11650-10378 11650-10379 11650-10483 11650-10543 5082403 5082414 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082414 11676-11568 11676-11569 11676-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0 https://support.microsoft.com/help/5082414 11676-11568 11676-11569 11676-11570 5082414 5082427 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082427 11676-11923 11676-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082427 11676-11923 11676-11924 5082427 5082426 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 5082426 5082426 https://support.microsoft.com/help/5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 5082413 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082413 11677-11568 11677-11569 11677-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0 https://support.microsoft.com/help/5082413 11677-11568 11677-11569 11677-11570 5082413 5082400 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082400 11863-10378 11863-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082400 11863-10378 11863-10379 5082400 5082402 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082402 11863-10483 11863-10543 Maybe Security Update 4.7.4141.0 https://support.microsoft.com/help/5082402 11863-10483 11863-10543 5082402 5082425 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082425 12079-11923 12079-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082425 12079-11923 12079-11924 5082425 5082419 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082419 5082419 https://support.microsoft.com/help/5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082424 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082424 12079-12085 12079-12086 12079-12242 12079-12243 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082424 12079-12085 12079-12086 12079-12242 12079-12243 5082424 5082417 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082417 12079-20437 12079-20438 12079-12436 12079-12437 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082417 12079-20437 12079-20438 12079-12436 12079-12437 5082417 5082418 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082418 12079-12244 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082418 12079-12244 5082418 5082420 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082420 12079-12389 12079-12390 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082420 12079-12389 12079-12390 5082420 5082398 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082398 2472-10378 2472-10379 2472-10483 2472-10543 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082398 2472-10378 2472-10379 2472-10483 2472-10543 5082398 5082421 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082421 12079-20854 12079-21196 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082421 12079-20854 12079-21196 5082421 Ludvig Pedersen 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft SQL Server Remote Code Execution Vulnerability <p>Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SQL sysadmin privileges.</p> <p><strong>I am running SQL Server on my system. What action do I need to take?</strong></p> <p>Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.</p> <p><strong>There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?</strong></p> <ul> <li>First, determine your SQL Server version number. For more information on determining your SQL Server version number, see <a href="https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates">Microsoft Knowledge Base Article 321185</a> - How to determine the version, edition, and update level of SQL Server and its components.</li> <li>Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.</li> </ul> <p><strong>Note</strong> If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.</p> <table> <thead> <tr> <th>Update Number</th> <th>Title</th> <th>Version</th> <th>Apply if current product version is…</th> <th>This security update also includes servicing releases up through…</th> </tr> </thead> <tbody> <tr> <td><strong>5083245</strong></td> <td>Security update for SQL Server 2025 CU3+GDR</td> <td>17.0.4030.1</td> <td>17.0.4006.2 - 17.0.4025.3</td> <td>KB5077896 - Previous SQL2025 RTM CU3</td> </tr> <tr> <td><strong>5084814</strong></td> <td>Security update for SQL Server 2025 RTM+GDR</td> <td>17.0.1110.1</td> <td>17.0.1000.7 - 17.0.1105.2</td> <td>KB5077468 - Previous SQL2025 RTM GDR</td> </tr> <tr> <td><strong>5083252</strong></td> <td>Security update for SQL Server 2022 CU24+GDR</td> <td>16.0.4250.1</td> <td>16.0.4003.1 - 16.0.4245.2</td> <td>KB5080999 - Previous SQL2022 RTM CU24</td> </tr> <tr> <td><strong>5084815</strong></td> <td>Security update for SQL Server 2022 RTM+GDR</td> <td>16.0.1175.1</td> <td>16.0.1000.6 - 16.0.1170.5</td> <td>KB5077465 - Previous SQL2022 RTM GDR</td> </tr> <tr> <td><strong>5084816</strong></td> <td>Security update for SQL Server 2019 CU32+GDR</td> <td>15.0.4465.1</td> <td>15.0.4003.23 - 15.0.4460.4</td> <td>KB 5077469 - Previous SQL2019 RTM CU32 GDR</td> </tr> <tr> <td><strong>5084817</strong></td> <td>Security update for SQL Server 2019 RTM+GDR</td> <td>15.0.2165.1</td> <td>15.0.2000.5 - 15.0.2160.4</td> <td>KB 5077470 - Previous SQL2019 RTM GDR</td> </tr> <tr> <td><strong>5084818</strong></td> <td>Security update for SQL Server 2017 CU31+GDR</td> <td>14.0.3525.1</td> <td>14.0.3006.16 - 14.0.3520.4</td> <td>KB 5077471 - Previous SQL2017 RTM CU31 GDR</td> </tr> <tr> <td><strong>5084819</strong></td> <td>Security update for SQL Server 2017 RTM+GDR</td> <td>14.0.2105.1</td> <td>14.0.1000.169 - 14.0.2100.4</td> <td>KB 5077472 - Previous SQL2017 RTM GDR</td> </tr> <tr> <td><strong>5084820</strong></td> <td>Security update for SQL Server 2016 Azure Connect Feature Pack+GDR</td> <td>13.0.7080.1</td> <td>13.0.7000.253 - 13.0.7075.5</td> <td>KB 5077473 - Previous SQL2016 Azure Connect Feature Pack GDR</td> </tr> <tr> <td><strong>5084821</strong></td> <td>Security update for SQL Server 2016 SP3+GDR</td> <td>13.0.6485.1</td> <td>13.0.6300.2 - 13.0.6480.4</td> <td>KB 5077474 - Previous SQL2016 RTM GDR</td> </tr> </tbody> </table> <p><strong>What are the GDR and CU update designations and how do they differ?</strong></p> <p>The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.</p> <ul> <li>GDR updates – cumulatively only contain security updates for the given baseline.</li> <li>CU updates – cumulatively contain all functional fixes and security updates for the given baseline.</li> </ul> <p>For any given baseline, either the GDR or CU updates could be options (see below).</p> <ul> <li>If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.</li> <li>If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.</li> <li>If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.</li> </ul> <p><strong>Note:</strong> You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.</p> <p><strong>Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?</strong></p> <p>Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.</p> SQL Server Microsoft Yes CVE-2026-33120 Untrusted Pointer Dereference 12147 Remote Code Execution 12147 Important 12147 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12147 5084815 https://www.microsoft.com/en-us/download/details.aspx?id=108622 12147 Maybe Security Update 16.0.1175.1 https://support.microsoft.com/help/5084815 12147 5084815 David Hayman 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5289 Use after free in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5289 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:55 <p>Information published.</p> Chromium: CVE-2026-5286 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5286 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:53 <p>Information published.</p> Chromium: CVE-2026-5287 Use after free in PDF <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5287 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:54 <p>Information published.</p> Chromium: CVE-2026-5285 Use after free in WebGL <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5285 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:52 <p>Information published.</p> Chromium: CVE-2026-5284 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5284 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:51 <p>Information published.</p> Chromium: CVE-2026-5283 Inappropriate implementation in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5283 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:50 <p>Information published.</p> Chromium: CVE-2026-5281 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information. Google is aware that an exploit for CVE-2026-5281 exists in the wild.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5281 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:49 <p>Information published.</p> Chromium: CVE-2026-5280 Use after free in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5280 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:48 <p>Information published.</p> Chromium: CVE-2026-5279 Object corruption in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5279 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:47 <p>Information published.</p> Microsoft Word Information Disclosure Vulnerability <p>Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Word Microsoft Yes CVE-2026-33822 Out-of-bounds Read 11762 11763 11951 12440 Information Disclosure 11762 Information Disclosure 11763 Information Disclosure 11951 Information Disclosure 12440 Important 11762 Important 11763 Important 11951 Important 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 11762 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 11763 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 11951 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes wh1tc@Kunlun lab&amp; devoke &amp; Zhiniang Peng with HUST 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Defender Elevation of Privilege Vulnerability <p>Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.</p> <table> <thead> <tr> <th>References</th> <th>Identification</th> </tr> </thead> <tbody> <tr> <td>Last version of the Microsoft Defender Antimalware Platform affected by this vulnerability</td> <td>Version 4.18.26020.6</td> </tr> <tr> <td>First version of the Microsoft Defender Antimalware Platform with this vulnerability addressed</td> <td>Version 4.18.26030.3011</td> </tr> </tbody> </table> <p>See <a href="https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus">Manage Updates Baselines Microsoft Defender Antivirus</a> for more information.</p> <p><strong>Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?</strong></p> <p>Vulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state.</p> <p><strong>Why is no action required to install this update?</strong></p> <p>In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Windows Defender Antimalware Platform. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.</p> <p>For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.</p> <p>Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Windows Defender Antimalware Platform updates and malware definitions, is working as expected in their environment.</p> <p><strong>How often are the Microsoft Defender Antimalware Platform and malware definitions updated?</strong></p> <p>Microsoft typically releases an update for the Microsoft Defender Antimalware Platform once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.</p> <p>Depending on which Microsoft antimalware software is used and how it is configured, the software may search for platform, engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.</p> <p><strong>What is the Microsoft Defender Antimalware Platform?</strong></p> <p>The Microsoft Defender Antimalware Platform is a collection of user-mode binaries (e.g. MsMpEng.exe) and kernel-mode drivers that run on top of Windows to keep devices protected against new and prevalent threats.</p> <p><strong>Microsoft Defender uses the Windows Defender Antimalware Platform. On which products is Defender installed and active by default?</strong></p> <p>Defender runs on all supported versions of Windows.</p> <p><strong>Are there other products that use the Microsoft Defender Antimalware Platform?</strong></p> <p>Yes, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection and Microsoft Security Essentials.</p> <p><strong>Does this update contain any additional security-related changes to functionality?</strong></p> <p>Yes.  In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.</p> <h2 id="suggested-actions">Suggested Actions</h2> <p><strong>Verify that the update is installed</strong></p> <p>Customers should verify that the latest version of the Microsoft Malware Protection Platform and definition updates are being actively downloaded and installed for their Microsoft antimalware products.</p> <ol> <li>Open the Windows Security program. For example, type Security in the Search bar, and select the Windows Security program.</li> <li>In the navigation pane, select Virus &amp; threat protection.</li> <li>Then click on <strong>Protection Updates</strong> in the Virus &amp; threat protection section updates.</li> <li>Select <strong>Check for updates</strong>.</li> <li>In the navigation pane, select <strong>Settings</strong>, and then select <strong>About</strong>.</li> <li>Examine the <strong>Antimalware ClientVersion</strong> number. The update was successfully installed if the Malware Protection Platform version number or the signature package version number matches or exceeds the version number that you are trying to verify as installed.</li> </ol> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Microsoft Defender Microsoft Yes CVE-2026-33825 Insufficient Granularity of Access Control 11744 Elevation of Privilege 11744 Important 11744 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11744 Release Notes 11744 Maybe Security Update 4.18.26030.3011 https://www.microsoft.com/en-us/wdsi/defenderupdates 11744 Release Notes Yuanpei XU (HUST) with Diffract & 0x25028335 & 0xa773900 Yuanpei XU (HUST) with Diffract & 0x25028335 & 0xa773900 <a href="https://github.com/steadytao">Zen Dodd</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-30T07:00:00 <p>Added FAQ information. This is an informational change only.</p> Windows Active Directory Remote Code Execution Vulnerability <p>Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>To exploit this vulnerability, an authenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.</p> <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that an attacker needs to be in the same restricted Active Directory domain as the target system. The attack surface is not reachable from broader networks, which is why the attack vector is considered adjacent (AV:A).</p> Windows Active Directory Microsoft Yes CVE-2026-33826 Improper Input Validation 11571 11572 11923 11924 12437 12244 12436 10816 10855 10483 10543 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 12437 Remote Code Execution 12244 Remote Code Execution 12436 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10483 Remote Code Execution 10543 Critical 11571 Critical 11572 Critical 11923 Critical 11924 Critical 12437 Critical 12244 Critical 12436 Critical 10816 Critical 10855 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/aniqfakhrul">Aniq Fakhrul</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability <p>Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>This vulnerability could allow a local, non‑administrator attacker to read any files that are accessible to the UPnP Device Host Service, which runs under the LOCAL SERVICE account. This may include restricted system files or configuration data that the attacker would not normally be able to access. The specific information exposed depends on the files that the service is permitted to read.</p> Universal Plug and Play (upnp.dll) Microsoft Yes CVE-2026-32212 Improper Link Resolution Before File Access ('Link Following') Improper Privilege Management 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes <p><a href="https://www.cve.org/CVERecord?id=CVE-2026-32631">CVE-2026-32631</a> is regarding a vulnerability where it is possible to obtain a user's NTLM hash by tricking them into cloning a malicious repository, or checking out a malicious branch that accesses an attacker-controlled server. By default, NTLM authentication does not need any user interaction. GitHub created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Git which address this vulnerability.</p> <p>Please see <a href="https://www.cve.org/CVERecord?id=CVE-2026-32631">CVE-2026-32631</a> for more information.</p> GitHub Repo: Git for Windows GitHub Yes CVE-2026-32631 Exposure of Private Personal Information to an Unauthorized Actor 11720 11600 12459 16767 21166 Information Disclosure 11720 Information Disclosure 11600 Information Disclosure 12459 Information Disclosure 16767 Information Disclosure 21166 Important 11720 Important 11600 Important 12459 Important 16767 Important 21166 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 11720 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 11600 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 12459 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 16767 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 21166 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 16.11 11720 Maybe Security Update 16.11.55 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 11720 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 15.9 11600 Maybe Security Update 15.9.79 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 11600 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2026 version 18.4 21166 Maybe Security Update 18.4.4 https://learn.microsoft.com/en-us/visualstudio/releases/2026/release-notes 21166 Release Notes 1.0 2026-04-14T07:00:00 <p>Information published.</p> HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers <p><a href="https://www.cve.org/CVERecord?id=CVE-2026-21637">CVE-2026-21637</a> is regarding a vulnerability in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. HackerOne created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Node.js which address this vulnerability.</p> <p>Please see <a href="https://www.cve.org/CVERecord?id=CVE-2026-21637">CVE-2026-21637</a> for more information.</p> Node.js HackerOne Yes CVE-2026-21637 Uncontrolled Resource Consumption 11935 12459 16767 Denial of Service 11935 Denial of Service 12459 Denial of Service 16767 Moderate 11935 Moderate 12459 Moderate 16767 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11935 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12459 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 16767 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 16.11 11935 Maybe Security Update 16.11.55 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 11935 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-6920 Out of bounds read in GPU <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.87</td> <td>04/248/2026</td> <td>147.0.7727.118</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6920 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.87 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-28T07:00:42 <p>Information published.</p> Microsoft Bing Elevation of Privilege Vulnerability <p>Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Bing Microsoft No CVE-2026-32186 Server-Side Request Forgery (SSRF) 12500 Elevation of Privilege 12500 Critical 12500 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 10.0 8.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12500 Sriharsha Pallekonda with Microsoft 1.0 2026-04-02T07:00:00 <p>Information published.</p> 1.1 2026-04-07T07:00:00 <p>Updated information to include CVSS scores. This is an informational change only.</p> Azure Databricks Elevation of Privilege Vulnerability <p>Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Azure Databricks Microsoft No CVE-2026-33107 Server-Side Request Forgery (SSRF) 11994 Elevation of Privilege 11994 Critical 11994 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 10.0 8.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11994 <a href="https://twitter.com/stargravy">Evan Grant</a> 1.0 2026-04-02T07:00:00 <p>Information published.</p> Windows Recovery Environment Security Feature Bypass Vulnerability <p>Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.</p> Windows Recovery Environment Agent Microsoft Yes CVE-2026-20928 Improper Removal of Sensitive Information Before Storage or Transfer 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 20854 Security Feature Bypass 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://dfir.ru/">Maxim Suhanov</a> with CICADA8 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows COM Server Information Disclosure Vulnerability <p>Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could potentially read User Mode Service Memory.</p> Windows COM Microsoft Yes CVE-2026-20806 Access of Resource Using Incompatible Type ('Type Confusion') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Pwnforr777 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> Microsoft Office Word Microsoft Yes CVE-2026-23657 Use After Free 11762 11763 12420 12421 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 12420 Remote Code Execution 12421 Important 11762 Important 11763 Important 12420 Important 12421 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 Click to Run 11762 11763 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 12420 12421 Click to Run Haifei Li with <a href="https://pub.expmon.com/">EXPMON</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET Framework Denial of Service Vulnerability <p>Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.</p> .NET Framework Microsoft Yes CVE-2026-23666 Improper Handling of Exceptional Conditions 11650-10852 11650-10853 11650-10378 11650-10379 11650-10483 11650-10543 11676-11568 11676-11569 11676-11570 11676-11923 11676-11924 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 11677-11568 11677-11569 11677-11570 11863-10378 11863-10379 11863-10483 11863-10543 12079-11923 12079-11924 12079-11929 12079-11930 12079-11931 12079-12085 12079-12086 12079-12097 12079-12098 12079-12099 12079-20437 12079-20438 12079-12242 12079-12243 12079-12244 12079-12389 12079-12390 2472-10378 2472-10379 2472-10483 2472-10543 12079-12437 12079-20853 12079-12436 12079-20854 Denial of Service 11650-10852 Denial of Service 11650-10853 Denial of Service 11650-10378 Denial of Service 11650-10379 Denial of Service 11650-10483 Denial of Service 11650-10543 Denial of Service 11676-11568 Denial of Service 11676-11569 Denial of Service 11676-11570 Denial of Service 11676-11923 Denial of Service 11676-11924 Denial of Service 11676-11929 Denial of Service 11676-11930 Denial of Service 11676-11931 Denial of Service 11676-12097 Denial of Service 11676-12098 Denial of Service 11676-12099 Denial of Service 11677-11568 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 11863-10378 Denial of Service 11863-10379 Denial of Service 11863-10483 Denial of Service 11863-10543 Denial of Service 12079-11923 Denial of Service 12079-11924 Denial of Service 12079-11929 Denial of Service 12079-11930 Denial of Service 12079-11931 Denial of Service 12079-12085 Denial of Service 12079-12086 Denial of Service 12079-12097 Denial of Service 12079-12098 Denial of Service 12079-12099 Denial of Service 12079-20437 Denial of Service 12079-20438 Denial of Service 12079-12242 Denial of Service 12079-12243 Denial of Service 12079-12244 Denial of Service 12079-12389 Denial of Service 12079-12390 Denial of Service 2472-10378 Denial of Service 2472-10379 Denial of Service 2472-10483 Denial of Service 2472-10543 Denial of Service 12079-12437 Denial of Service 12079-20853 Denial of Service 12079-12436 Denial of Service 12079-20854 Critical 11650-10852 Critical 11650-10853 Critical 11650-10378 Critical 11650-10379 Critical 11650-10483 Critical 11650-10543 Critical 11676-11568 Critical 11676-11569 Critical 11676-11570 Critical 11676-11923 Critical 11676-11924 Critical 11676-11929 Critical 11676-11930 Critical 11676-11931 Critical 11676-12097 Critical 11676-12098 Critical 11676-12099 Critical 11677-11568 Critical 11677-11569 Critical 11677-11570 Critical 11863-10378 Critical 11863-10379 Critical 11863-10483 Critical 11863-10543 Critical 12079-11923 Critical 12079-11924 Critical 12079-11929 Critical 12079-11930 Critical 12079-11931 Critical 12079-12085 Critical 12079-12086 Critical 12079-12097 Critical 12079-12098 Critical 12079-12099 Critical 12079-20437 Critical 12079-20438 Critical 12079-12242 Critical 12079-12243 Critical 12079-12244 Critical 12079-12389 Critical 12079-12390 Critical 2472-10378 Critical 2472-10379 Critical 2472-10483 Critical 2472-10543 Critical 12079-12437 Critical 12079-20853 Critical 12079-12436 Critical 12079-20854 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10852 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10853 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10543 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11568 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11569 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11570 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11923 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11924 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11929 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11930 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11931 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-12097 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-12098 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-12099 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11677-11568 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11677-11569 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11677-11570 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10543 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11923 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11924 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11929 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11930 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11931 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12085 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12086 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12097 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12098 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12099 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20437 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20438 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12242 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12243 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12244 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12389 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12390 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10543 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12437 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20853 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12436 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20854 5082411 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082411 11650-10852 11650-10853 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082411 11650-10852 11650-10853 5082411 5082403 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082403 11650-10378 11650-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082403 11650-10378 11650-10379 5082403 5082404 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082404 11650-10483 11650-10543 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082404 11650-10483 11650-10543 5082404 5082414 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082414 11676-11568 11676-11569 11676-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0 https://support.microsoft.com/help/5082414 11676-11568 11676-11569 11676-11570 5082414 5082427 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082427 11676-11923 11676-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082427 11676-11923 11676-11924 5082427 5082426 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 5082426 5082426 https://support.microsoft.com/help/5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 5082413 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082413 11677-11568 11677-11569 11677-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0 https://support.microsoft.com/help/5082413 11677-11568 11677-11569 11677-11570 5082413 5082400 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082400 11863-10378 11863-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082400 11863-10378 11863-10379 5082400 5082402 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082402 11863-10483 11863-10543 Maybe Security Update 4.7.4141.0 https://support.microsoft.com/help/5082402 11863-10483 11863-10543 5082402 5082425 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082425 12079-11923 12079-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082425 12079-11923 12079-11924 5082425 5082419 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082419 5082419 https://support.microsoft.com/help/5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082424 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082424 12079-12085 12079-12086 12079-12242 12079-12243 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082424 12079-12085 12079-12086 12079-12242 12079-12243 5082424 5082417 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082417 12079-20437 12079-20438 12079-12437 12079-12436 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082417 12079-20437 12079-20438 12079-12437 12079-12436 5082417 5082418 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082418 12079-12244 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082418 12079-12244 5082418 5082420 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082420 12079-12389 12079-12390 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082420 12079-12389 12079-12390 5082420 5082398 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082398 2472-10378 2472-10379 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082398 2472-10378 2472-10379 5082398 5082406 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082406 2472-10483 2472-10543 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082406 2472-10483 2472-10543 5082406 5082421 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082421 12079-20853 12079-20854 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082421 12079-20853 12079-20854 5082421 Anonymous 1.1 2026-04-15T07:00:00 <p>Executive Summary updated</p> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft PowerShell Security Feature Bypass Vulnerability <p>Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker would have to send the victim a malicious file that the victim would have to execute.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>Exploiting this vulnerability bypasses dynamic-expression security checks which may lead to arbitrary code execution when then -SkipLimitCheck is used with Import-PowerShellDataFile. If you do not use the -SkipLimitCheck switch, you are not affected.</p> <p><strong>Is the Windows native version of PowerShell affected by this vulnerability?</strong></p> <p>No, this vulnerability was introduced after PowerShell was forked from Windows powerShell so the inbox version is not affected.</p> <p>The current store app addresses the vulnerability.</p> Microsoft PowerShell Microsoft Yes CVE-2026-26143 Improper Input Validation 16787 12262 Security Feature Bypass 16787 Security Feature Bypass 12262 Important 16787 Important 12262 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16787 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12262 Release Notes https://github.com/PowerShell/Announcements/issues/82 16787 Maybe Security Update 7.5.5 https://github.com/PowerShell/Announcements/issues/82 16787 Release Notes Release Notes https://github.com/PowerShell/Announcements/issues/82 12262 Maybe Security Update 7.4.14 https://github.com/PowerShell/Announcements/issues/82 12262 Release Notes <a href="https://github.com/surfingoldelephant">surfingoldelephant</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Cryptographic Services Elevation of Privilege Vulnerability <p>Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.</p> Windows Cryptographic Services Microsoft Yes CVE-2026-26152 Insecure Storage of Sensitive Information 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability <p>Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Encrypting File System (EFS) Microsoft Yes CVE-2026-26153 Out-of-bounds Read 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Hangyu Hua(@HBh25Y) with Shuffle Team and Hunan University Hangyu Hua(@HBh25Y) with Shuffle Team and Hunan University 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hyper-V Remote Code Execution Vulnerability <p>Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.</p> <p>For example, when the score indicates that the <strong>Attack Vector</strong> is <strong>Local</strong> and <strong>User Interaction</strong> is <strong>Required</strong>, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.</p> Role: Windows Hyper-V Microsoft Yes CVE-2026-26156 Heap-based Buffer Overflow Out-of-bounds Read Improper Input Validation 20854 20853 11569 11571 11572 11923 11924 11931 12097 12437 20437 20438 12242 12243 12244 12389 12390 12436 10853 10816 10855 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Important 20854 Important 20853 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11931 Important 12097 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11931 12097 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10853 10816 10855 cyanbamboo and b2ahex 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Licensing Service Elevation of Privilege Vulnerability <p>Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Remote Desktop Licensing Service Microsoft Yes CVE-2026-26159 Missing Authentication for Critical Function 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Howard McGreehan with MSRC V&M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Kernel Microsoft Yes CVE-2026-26163 Double Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Samer Karim with Microsoft Inc. 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Memory Information Disclosure Vulnerability <p>Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow the disclosure of certain kernel memory content.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could view sensitive information, (Confidentiality), and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.</p> Windows Kernel Memory Microsoft Yes CVE-2026-26169 Buffer Over-read 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20854 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20853 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11568 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11569 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11571 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11572 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11923 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11924 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11929 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11930 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11931 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12097 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12098 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12099 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12437 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20437 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20438 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12242 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12243 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12244 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12389 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12390 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12436 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10852 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10853 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10816 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Faiustov Denis with GMO Cybersecurity by Ierae, Inc. Masahiro Kawada with GMO Cybersecurity by Ierae, Inc. 1.0 2026-04-14T07:00:00 <p>Information published.</p> PowerShell Elevation of Privilege Vulnerability <p>Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft PowerShell Microsoft Yes CVE-2026-26170 Improper Input Validation 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Push Notifications Microsoft Yes CVE-2026-26172 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26173 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free NULL Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Client Side Caching driver (csc.sys) Microsoft Yes CVE-2026-26176 Heap-based Buffer Overflow 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://github.com/cbwang505">ChengBin Wang</a> with <a href="https://www.guolisec.com/">ZheJiang Guoli Security Technology</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26177 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/her0m4nt">her0m4nt</a> <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability <p>Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could create malicious WebGL content that triggers an unsafe buffer copy inside D3D10Warp.dll(Direct3D 10 WARP (Windows Advanced Rasterization Platform)).</p> <p>When a user’s browser processes this content, the attacker‑controlled parameters can cause a buffer overflow in the Windows graphics component, potentially enabling elevated privileges on the system.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>A user would need to visit a website or open content that uses WebGL features such as gl.texStorage3D or gl.texSubImage3D inside a Chromium‑based browser. No additional actions beyond loading this content are required.</p> Windows Advanced Rasterization Platform Microsoft Yes CVE-2026-26178 Incorrect Conversion between Numeric Types Integer Overflow or Wraparound 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Dongzhuo Zhao working with ADLab of Venustech Dongzhuo Zhao working with ADLab of Venustech 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26182 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-26184 Buffer Over-read 20854 20853 11571 11569 11568 11923 11572 11924 11930 11931 11929 12097 12099 12098 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11571 Elevation of Privilege 11569 Elevation of Privilege 11568 Elevation of Privilege 11923 Elevation of Privilege 11572 Elevation of Privilege 11924 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 11929 Elevation of Privilege 12097 Elevation of Privilege 12099 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11571 Important 11569 Important 11568 Important 11923 Important 11572 Important 11924 Important 11930 Important 11931 Important 11929 Important 12097 Important 12099 Important 12098 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11569 11568 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11569 11568 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11569 11568 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11930 11931 11929 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11930 11931 11929 5082200 5082200 https://support.microsoft.com/help/5082200 11930 11931 11929 12097 12099 12098 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12099 12098 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12099 12098 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Search Service Elevation of Privilege Vulnerability <p>Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Microsoft Windows Search Component Microsoft Yes CVE-2026-27909 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://linkedin.com/in/jongseongkim">Jongseong Kim (nevul37), SEC-agent team</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Installer Elevation of Privilege Vulnerability <p>Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Installer Microsoft Yes CVE-2026-27910 Improper Handling of Insufficient Permissions or Privileges 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://infosec.exchange/@jagotu">JaGoTu</a> with <a href="https://www.dcit.cz/">DCIT, a.s.</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows User Interface Core Microsoft Yes CVE-2026-27911 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kerberos Elevation of Privilege Vulnerability <p>Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.</p> <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that an attacker needs to be in the same restricted Active Directory domain as the target system. The attack surface is not reachable from broader networks, which is why the attack vector is considered adjacent (AV:A).</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Kerberos Microsoft Yes CVE-2026-27912 Improper Authorization 11571 11572 11923 11924 12437 12244 12436 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 12244 Elevation of Privilege 12436 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://www.linkedin.com/in/shailaron">Shai Laron</a> with Semperis 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows BitLocker Security Feature Bypass Vulnerability <p>Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass Secure Boot.</p> Windows BitLocker Microsoft Yes CVE-2026-27913 Improper Input Validation 11571 12244 10816 10855 11572 11923 10379 10378 10483 10543 11924 Security Feature Bypass 11571 Security Feature Bypass 12244 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 10379 Security Feature Bypass 10378 Security Feature Bypass 10483 Security Feature Bypass 10543 Security Feature Bypass 11924 Important 11571 Important 12244 Important 10816 Important 10855 Important 11572 Important 11923 Important 10379 Important 10378 Important 10483 Important 10543 Important 11924 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10379 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10378 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10483 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10543 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10379 10378 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10379 10378 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/alon_leviev">Alon Leviev</a> with Microsoft (STORM) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Management Console Elevation of Privilege Vulnerability <p>Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Microsoft Management Console Microsoft Yes CVE-2026-27914 Improper Access Control 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/filip_dragovic">Filip Dragović</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploits this vulnerability could gain access to a limited set of administrator-protected objects.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27916 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27920 Untrusted Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-27922 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-27923 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Varun Goel 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Information Disclosure Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27925 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hello Security Feature Bypass Vulnerability <p>Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass the MFA required for Windows Hello for Business PIN provisioning.</p> <p><strong>Where can I find more information about Windows Hello for Business PIN provisioning?</strong></p> <p>Please see <a href="https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/how-it-works-provisioning">Windows Hello for Business PIN provisioning</a> for updated details.</p> Windows Hello Microsoft Yes CVE-2026-27928 Improper Input Validation 11571 11572 11923 11924 12437 12244 12436 10816 10855 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 12437 Security Feature Bypass 12244 Security Feature Bypass 12436 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 sec-42a020b982ef sec-42a020b982ef 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows GDI Information Disclosure Vulnerability <p>Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>This vulnerability may allow an attacker to access small portions of memory from the affected application when it processes a specially crafted Enhanced Metafile (EMF). This issue is an out‑of‑bounds read, any disclosure would be limited to whatever data happens to reside in adjacent memory at the time.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>The user would have to open or preview content that contains the malicious Enhanced Metafile (EMF).</p> Windows GDI Microsoft Yes CVE-2026-27930 Out-of-bounds Read 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 xina1i@psbc 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows SSDP Service Microsoft Yes CVE-2026-32068 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-32069 Double Free 11924 11923 11571 11929 11930 11572 11931 11568 11569 12097 12098 12437 12099 20438 20437 12242 12243 12244 12390 12389 12436 20854 20853 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11571 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11572 Elevation of Privilege 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 20438 Elevation of Privilege 20437 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12390 Elevation of Privilege 12389 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11924 Important 11923 Important 11571 Important 11929 Important 11930 Important 11572 Important 11931 Important 11568 Important 11569 Important 12097 Important 12098 Important 12437 Important 12099 Important 20438 Important 20437 Important 12242 Important 12243 Important 12244 Important 12390 Important 12389 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 11568 11569 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 11568 11569 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 11568 11569 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5083769 https://support.microsoft.com/help/5083769 20438 20437 12390 12389 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12390 12389 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12390 12389 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Common Log File System Driver Elevation of Privilege Vulnerability <p>Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Common Log File System Driver Microsoft Yes CVE-2026-32070 Use After Free 20854 20853 11923 11568 11571 11569 11924 11572 11930 11931 11929 12097 12098 12437 12099 20438 20437 12244 12243 12242 12389 12390 12436 10853 10852 10816 10855 10379 10378 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11923 Elevation of Privilege 11568 Elevation of Privilege 11571 Elevation of Privilege 11569 Elevation of Privilege 11924 Elevation of Privilege 11572 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 11929 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 20438 Elevation of Privilege 20437 Elevation of Privilege 12244 Elevation of Privilege 12243 Elevation of Privilege 12242 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10853 Elevation of Privilege 10852 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10379 Elevation of Privilege 10378 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11923 Important 11568 Important 11571 Important 11569 Important 11924 Important 11572 Important 11930 Important 11931 Important 11929 Important 12097 Important 12098 Important 12437 Important 12099 Important 20438 Important 20437 Important 12244 Important 12243 Important 12242 Important 12389 Important 12390 Important 12436 Important 10853 Important 10852 Important 10816 Important 10855 Important 10379 Important 10378 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11571 11569 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11571 11569 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11571 11569 11572 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11930 11931 11929 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11930 11931 11929 5082200 5082200 https://support.microsoft.com/help/5082200 11930 11931 11929 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5083769 https://support.microsoft.com/help/5083769 20438 20437 12389 12390 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12243 12242 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12243 12242 5082052 5082052 https://support.microsoft.com/help/5082052 12243 12242 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10853 10852 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10853 10852 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10853 10852 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10379 10378 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10379 10378 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security <a href="https://www.linkedin.com/in/daniel-dutra-4671a72a0/">Daniel Dutra</a> with <a href="https://templo.tech/">Templo</a> <a href="https://www.linkedin.com/in/henrique-antonov-3b7471236/">Henrique</a> with <a href="https://templo.tech/">Templo</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Active Directory Spoofing Vulnerability <p>Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.</p> Windows Active Directory Microsoft Yes CVE-2026-32072 Improper Authentication 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 20854 Spoofing 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-32074 Double Free 20854 20853 11571 11572 11569 11923 11924 11568 11929 11930 11931 12097 12099 12098 12437 20438 20437 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11569 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11568 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12099 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 20438 Elevation of Privilege 20437 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11571 Important 11572 Important 11569 Important 11923 Important 11924 Important 11568 Important 11929 Important 11930 Important 11931 Important 12097 Important 12099 Important 12098 Important 12437 Important 20438 Important 20437 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 11569 11568 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 11569 11568 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 11569 11568 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12099 12098 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12099 12098 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12099 12098 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5083769 https://support.microsoft.com/help/5083769 20438 20437 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Storage Spaces Controller Elevation of Privilege Vulnerability <p>Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Storage Spaces Controller Microsoft Yes CVE-2026-32076 Out-of-bounds Read 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Yoon Jung Hyun(Yuil Muil (@YuilMuil) / X) Yoon Jung Hyun(Yuil Muil (@YuilMuil) / X) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-32077 Untrusted Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082806 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082806 5078738 10378 10379 10483 10543 Yes IE Cumulative 1.000 https://support.microsoft.com/help/5082806 10378 10379 10483 10543 5082806 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-20T07:00:00 <p>Added Security Only packages to Windows Server 2012 security updates. This is an informational change only.</p> Web Account Manager Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained (&quot;sandboxed&quot;) execution environment.</p> <p>Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows File Explorer Microsoft Yes CVE-2026-32079 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows WalletService Elevation of Privilege Vulnerability <p>Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows WalletService Microsoft Yes CVE-2026-32080 Use After Free 11571 11572 11923 11924 12437 12244 12436 10816 10855 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 12244 Elevation of Privilege 12436 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10816 10855 <a href="https://twitter.com/hillstone_lab">Zhang WangJunJie, He YiSheng</a> with <a href="https://www.hillstonenet.com/">Hillstone Networks</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Print Spooler Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained (&quot;sandboxed&quot;) execution environment.</p> <p>Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows File Explorer Microsoft Yes CVE-2026-32084 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32086 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Biometric Service Security Feature Bypass Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>This vulnerability could allow an attacker to bypass the Windows biometric authentication feature. A malicious biometric device could be incorrectly recognized as trusted, allowing an attacker to falsely present biometric data and potentially gain access to the device without the legitimate user's fingerprint or face.</p> Windows Biometric Service Microsoft Yes CVE-2026-32088 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20854 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20853 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11568 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11569 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11929 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11930 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11931 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12097 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12098 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12099 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20437 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20438 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12242 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12243 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12389 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12390 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://www.linkedin.com/in/paragmali/">Parag Mali</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Brokering File System Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain the privileges of the logged-on user.</p> Microsoft Brokering File System Microsoft Yes CVE-2026-32091 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hyper-V Remote Code Execution Vulnerability <p>Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. The vulnerable endpoint is only available over the local VM interface as all external communication is blocked. This means an attacker needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?</strong></p> <p>An authorized attacker with privileges could send controlled inputs to exploit this vulnerability.</p> Role: Windows Hyper-V Microsoft Yes CVE-2026-32149 Improper Input Validation Integer Underflow (Wrap or Wraparound) Heap-based Buffer Overflow 20854 20853 11569 11571 11572 11923 11924 11931 12097 12437 20437 20438 12242 12243 12244 12389 12390 12436 10853 10816 10855 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Important 20854 Important 20853 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11931 Important 12097 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11931 12097 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10853 10816 10855 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32150 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.</p> Windows Shell Microsoft Yes CVE-2026-32151 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Speech Runtime Elevation of Privilege Vulnerability <p>Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft Windows Speech Microsoft Yes CVE-2026-32153 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11929 11930 11931 12097 12098 12099 20437 20438 12242 12243 12389 12390 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12389 Important 12390 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.</p> Desktop Window Manager Microsoft Yes CVE-2026-32155 Use After Free 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows COM Elevation of Privilege Vulnerability <p>Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows COM Microsoft Yes CVE-2026-32162 Acceptance of Extraneous Untrusted Data With Trusted Data 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Faiustov Denis with GMO Cybersecurity by Ierae, Inc. Masahiro Kawada with GMO Cybersecurity by Ierae, Inc. 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows User Interface Core Microsoft Yes CVE-2026-32163 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows User Interface Core Microsoft Yes CVE-2026-32164 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Azure Logic Apps Elevation of Privilege Vulnerability <p>Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>An attacker could create a forged authentication token and use it to access administrative function APIs. This may allow them to retrieve keys, access the file system, and deploy unauthorized code within the Logic Apps environment.</p> <p><strong>How do customers mitigate this vulnerability?</strong></p> <p>Customers are protected through service-side (control plane) updates, which are automatically applied—there is no download, build number, or manual update required to receive the fix.</p> <p>The only exception is for existing Logic Apps that were created when WEBSITE_AUTH_ENCRYPTION_KEY was configured as an environment variable. For those existing apps, customers must make a small update (edit any environment variable) to trigger the change and fully mitigate the issue.</p> <p>New or updated Logic Apps already use a secret reference for the auth key and are automatically mitigated without any customer action.</p> Azure Logic Apps Microsoft Yes CVE-2026-32171 Insufficiently Protected Credentials 12228 Elevation of Privilege 12228 Important 12228 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12228 Nick Wojciechowski 1.0 2026-04-14T07:00:00 <p>Information published.</p> SQL Server Elevation of Privilege Vulnerability <p>Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SQL sysadmin privileges.</p> <p><strong>I am running SQL Server on my system. What action do I need to take?</strong></p> <p>Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.</p> <p><strong>There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?</strong></p> <ul> <li>First, determine your SQL Server version number. For more information on determining your SQL Server version number, see <a href="https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates">Microsoft Knowledge Base Article 321185</a> - How to determine the version, edition, and update level of SQL Server and its components.</li> <li>Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.</li> </ul> <p><strong>Note</strong> If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.</p> <table> <thead> <tr> <th>Update Number</th> <th>Title</th> <th>Version</th> <th>Apply if current product version is…</th> <th>This security update also includes servicing releases up through…</th> </tr> </thead> <tbody> <tr> <td><strong>5083245</strong></td> <td>Security update for SQL Server 2025 CU3+GDR</td> <td>17.0.4030.1</td> <td>17.0.4006.2 - 17.0.4025.3</td> <td>KB5077896 - Previous SQL2025 RTM CU3</td> </tr> <tr> <td><strong>5084814</strong></td> <td>Security update for SQL Server 2025 RTM+GDR</td> <td>17.0.1110.1</td> <td>17.0.1000.7 - 17.0.1105.2</td> <td>KB5077468 - Previous SQL2025 RTM GDR</td> </tr> <tr> <td><strong>5083252</strong></td> <td>Security update for SQL Server 2022 CU24+GDR</td> <td>16.0.4250.1</td> <td>16.0.4003.1 - 16.0.4245.2</td> <td>KB5080999 - Previous SQL2022 RTM CU24</td> </tr> <tr> <td><strong>5084815</strong></td> <td>Security update for SQL Server 2022 RTM+GDR</td> <td>16.0.1175.1</td> <td>16.0.1000.6 - 16.0.1170.5</td> <td>KB5077465 - Previous SQL2022 RTM GDR</td> </tr> <tr> <td><strong>5084816</strong></td> <td>Security update for SQL Server 2019 CU32+GDR</td> <td>15.0.4465.1</td> <td>15.0.4003.23 - 15.0.4460.4</td> <td>KB 5077469 - Previous SQL2019 RTM CU32 GDR</td> </tr> <tr> <td><strong>5084817</strong></td> <td>Security update for SQL Server 2019 RTM+GDR</td> <td>15.0.2165.1</td> <td>15.0.2000.5 - 15.0.2160.4</td> <td>KB 5077470 - Previous SQL2019 RTM GDR</td> </tr> <tr> <td><strong>5084818</strong></td> <td>Security update for SQL Server 2017 CU31+GDR</td> <td>14.0.3525.1</td> <td>14.0.3006.16 - 14.0.3520.4</td> <td>KB 5077471 - Previous SQL2017 RTM CU31 GDR</td> </tr> <tr> <td><strong>5084819</strong></td> <td>Security update for SQL Server 2017 RTM+GDR</td> <td>14.0.2105.1</td> <td>14.0.1000.169 - 14.0.2100.4</td> <td>KB 5077472 - Previous SQL2017 RTM GDR</td> </tr> <tr> <td><strong>5084820</strong></td> <td>Security update for SQL Server 2016 Azure Connect Feature Pack+GDR</td> <td>13.0.7080.1</td> <td>13.0.7000.253 - 13.0.7075.5</td> <td>KB 5077473 - Previous SQL2016 Azure Connect Feature Pack GDR</td> </tr> <tr> <td><strong>5084821</strong></td> <td>Security update for SQL Server 2016 SP3+GDR</td> <td>13.0.6485.1</td> <td>13.0.6300.2 - 13.0.6480.4</td> <td>KB 5077474 - Previous SQL2016 RTM GDR</td> </tr> </tbody> </table> <p><strong>What are the GDR and CU update designations and how do they differ?</strong></p> <p>The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.</p> <ul> <li>GDR updates – cumulatively only contain security updates for the given baseline.</li> <li>CU updates – cumulatively contain all functional fixes and security updates for the given baseline.</li> </ul> <p>For any given baseline, either the GDR or CU updates could be options (see below).</p> <ul> <li>If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.</li> <li>If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.</li> <li>If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.</li> </ul> <p><strong>Note:</strong> You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.</p> <p><strong>Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?</strong></p> <p>Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.</p> SQL Server Microsoft Yes CVE-2026-32176 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 21090 20748 21091 11478 11821 12048 12053 12145 12147 16785 Elevation of Privilege 21090 Elevation of Privilege 20748 Elevation of Privilege 21091 Elevation of Privilege 11478 Elevation of Privilege 11821 Elevation of Privilege 12048 Elevation of Privilege 12053 Elevation of Privilege 12145 Elevation of Privilege 12147 Elevation of Privilege 16785 Important 21090 Important 20748 Important 21091 Important 11478 Important 11821 Important 12048 Important 12053 Important 12145 Important 12147 Important 16785 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21090 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20748 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21091 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11478 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11821 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12048 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12053 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12145 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12147 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16785 5083245 https://www.microsoft.com/en-us/download/details.aspx?id=108618 21090 Maybe Security Update 17.0.4030.1 https://support.microsoft.com/help/5083245 21090 5083245 5084814 https://www.microsoft.com/en-us/download/details.aspx?id=108625 20748 Maybe Security Update 17.0.1110.1 https://support.microsoft.com/help/5084814 20748 5084814 5083252 https://www.microsoft.com/en-us/download/details.aspx?id=108620 21091 Maybe Security Update 16.0.4250.1 https://support.microsoft.com/help/5083252 21091 5083252 5084819 https://www.microsoft.com/en-us/download/details.aspx?id=108621 11478 Maybe Security Update 14.0.2105.1 https://support.microsoft.com/help/5084819 11478 5084819 5084817 https://www.microsoft.com/en-us/download/details.aspx?id=108619 11821 Maybe Security Update 15.0.2165.1 https://support.microsoft.com/help/5084817 11821 5084817 5084821 https://www.microsoft.com/en-us/download/details.aspx?id=108617 12048 Maybe Security Update 13.0.6485.1 https://support.microsoft.com/help/5084821 12048 5084821 5084820 https://www.microsoft.com/en-us/download/details.aspx?id=108624 12053 Maybe Security Update 13.0.7080.1 https://support.microsoft.com/help/5084820 12053 5084820 5084818 https://www.microsoft.com/en-us/download/details.aspx?id=108623 12145 Maybe Security Update 14.0.3525.1 https://support.microsoft.com/help/5084818 12145 5084818 5084815 https://www.microsoft.com/en-us/download/details.aspx?id=108622 12147 Maybe Security Update 16.0.1175.1 https://support.microsoft.com/help/5084815 12147 5084815 5084816 https://www.microsoft.com/en-us/download/details.aspx?id=108626 16785 Maybe Security Update 15.0.4465.1 https://support.microsoft.com/help/5084816 16785 5084816 Anon 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Office Remote Code Execution Vulnerability <p>Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>Yes, the Preview Pane is an attack vector.</p> Microsoft Office Microsoft Yes CVE-2026-32190 Use After Free 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10753 10754 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10753 Remote Code Execution 10754 Critical 11573 Critical 11574 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 12420 Critical 12421 Critical 12440 Critical 10753 Critical 10754 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10753 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10754 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002859 https://www.microsoft.com/en-us/download/details.aspx?id=108606 5002838 10753 10754 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002859 10753 10754 5002859 Anonymous Li Shuang, willJ and Guang Gong with Vulnerability Research Institute 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Admin Center Spoofing Vulnerability <p>Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>The user would have to click on a specially crafted URL to be compromised by the attacker.</p> Windows Admin Center Microsoft Yes CVE-2026-32196 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 11629 Spoofing 11629 Important 11629 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C 11629 Release Notes https://aka.ms/downloadwac 11629 Maybe Security Update 2.6.5.16 https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/support/release-history 11629 Release Notes <a href="https://www.linkedin.com/in/ben-zamir-401003237">Ben Zamir</a> with <a href="https://cymulate.com/">Cymulate</a> <a href="https://www.linkedin.com/in/ilan-kalendarov-4826741a0">Ilan Kalendarov</a> with <a href="https://cymulate.com/">Cymulate</a> <a href="https://www.linkedin.com/in/elad-beber-a17946184">Elad Beber</a> with <a href="https://cymulate.com/">Cymulate</a> <a href="https://www.linkedin.com/in/ruben-en/">Ruben Enkaoua</a> with <a href="https://cymulate.com/">Cymulate</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32197 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 wh1tc@Kunlun lab&amp; devoke &amp; Zhiniang Peng with HUST 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32198 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 <a href="https://x.com/dnpushme">f4 &amp; Zhiniang Peng with HUST</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32199 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 Haifei Li with <a href="https://pub.expmon.com/">EXPMON</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft PowerPoint Remote Code Execution Vulnerability <p>Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>An attacker who successfully exploits this vulnerability could achieve remote code execution without user interaction.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office PowerPoint Microsoft Yes CVE-2026-32200 Use After Free 11573 11574 11762 11763 11952 11953 12420 12421 10741 10742 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 10741 Remote Code Execution 10742 Important 11573 Important 11574 Important 11762 Important 11763 Important 11952 Important 11953 Important 12420 Important 12421 Important 10741 Important 10742 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10741 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10742 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run 5002808 https://www.microsoft.com/en-us/download/details.aspx?id=108610 5002790 10741 10742 Maybe Security Update 16.0.5548.1001 https://support.microsoft.com/help/5002808 10741 10742 5002808 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft SharePoint Server Spoofing Vulnerability <p>Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> Microsoft Office SharePoint Microsoft Yes CVE-2026-32201 Improper Input Validation 10950 11585 11961 Spoofing 10950 Spoofing 11585 Spoofing 11961 Important 10950 Important 11585 Important 11961 Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C 10950 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C 11585 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C 11961 5002861 https://www.microsoft.com/en-us/download/details.aspx?id=108611 5002850 10950 Maybe Security Update 16.0.5548.1003 https://support.microsoft.com/help/5002861 10950 5002861 5002854 https://www.microsoft.com/en-us/download/details.aspx?id=108608 5002845 11585 Maybe Security Update 16.0.10417.20114 https://support.microsoft.com/help/5002854 11585 5002854 5002853 https://www.microsoft.com/en-us/download/details.aspx?id=108607 5002843 11961 Maybe Security Update 16.0.19725.20210 https://support.microsoft.com/help/5002853 11961 5002853 Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-14T07:00:00 <p>Added an acknowledgement. This is an informational change only.</p> .NET Denial of Service Vulnerability <p>Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.</p> .NET Microsoft Yes CVE-2026-26171 Uncontrolled Resource Consumption Improper Restriction of XML External Entity Reference 16787 20839 12414 20838 12415 12416 12432 12434 12433 21227 Denial of Service 16787 Denial of Service 20839 Denial of Service 12414 Denial of Service 20838 Denial of Service 12415 Denial of Service 12416 Denial of Service 12432 Denial of Service 12434 Denial of Service 12433 Denial of Service 21227 Important 16787 Important 20839 Important 12414 Important 20838 Important 12415 Important 12416 Important 12432 Important 12434 Important 12433 Important 21227 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 16787 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12434 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12433 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 21227 Release Notes https://github.com/PowerShell/Announcements/issues/83 16787 Maybe Security Update 7.5.6 https://github.com/PowerShell/Announcements/issues/83 16787 Release Notes 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20839 20838 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20839 20838 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12414 12415 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12414 12415 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12434 12433 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12434 12433 5086097 Release Notes https://github.com/PowerShell/Announcements/issues/83 21227 Maybe Security Update 7.6.1 https://github.com/PowerShell/Announcements/issues/83 21227 Release Notes Ludvig Pedersen Ludvig Pedersen 1.0 2026-04-14T07:00:00 <p>Information published.</p> 2.0 2026-04-22T07:00:00 <p>The CVE was updated to include Powershell 7.6 and 7.5</p> .NET and Visual Studio Denial of Service Vulnerability <p>Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.</p> .NET and Visual Studio Microsoft Yes CVE-2026-32203 Stack-based Buffer Overflow Improper Input Validation 21166 12459 16767 20837 20838 20839 12414 12415 12416 12432 12433 12434 Denial of Service 21166 Denial of Service 12459 Denial of Service 16767 Denial of Service 20837 Denial of Service 20838 Denial of Service 20839 Denial of Service 12414 Denial of Service 12415 Denial of Service 12416 Denial of Service 12432 Denial of Service 12433 Denial of Service 12434 Important 21166 Important 12459 Important 16767 Important 20837 Important 20838 Important 20839 Important 12414 Important 12415 Important 12416 Important 12432 Important 12433 Important 12434 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 21166 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12459 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 16767 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20837 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12433 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12434 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2026 version 18.4 21166 Maybe Security Update 18.4.4 https://learn.microsoft.com/en-us/visualstudio/releases/2026/release-notes 21166 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20837 20838 20839 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20837 20838 20839 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12414 12415 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12414 12415 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12433 12434 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12433 12434 5086097 Ludvig Pedersen <a href="https://github.com/vcsjones">vcsjones</a> with GitHub 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-20T07:00:00 <p>Download links fixed</p> Windows Shell Security Feature Bypass Vulnerability <p>Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>This vulnerability could allow an attacker to bypass SmartScreen protections that rely on the Mark of the Web (MotW) to identify files originating from the internet.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could exploit this issue by convincing a user to open a specially crafted .lnk file delivered through email, a website download, or removable media. When opened, the shortcut causes Windows to launch commands or Control Panel applets without proper MotW handling, potentially allowing arbitrary command execution or loading attacker‑controlled DLLs.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>To successfully exploit this vulnerability, an attacker must convince a user to open a malicious link or shortcut file.</p> Windows Shell Microsoft Yes CVE-2026-32225 Protection Mechanism Failure 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Security Feature Bypass 20854 Security Feature Bypass 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Jeong Lee with <a href="https://www.microsoft.com/">Microsoft</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-33099 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 20437 20438 12242 12243 12244 12389 12390 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-33100 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Print Spooler Elevation of Privilege Vulnerability <p>Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Print Spooler Components Microsoft Yes CVE-2026-33101 Use After Free 12437 20437 20438 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/zeifan">Nafiez</a> with <a href="https://zeifan.my/">NLab Security</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability <p>Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.</p> Microsoft Dynamics 365 (on-premises) Microsoft Yes CVE-2026-33103 Improper Access Control 11664 Information Disclosure 11664 Important 11664 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11664 5078943 https://www.microsoft.com/en-us/download/details.aspx?id=108455 11664 Maybe Security Update 9.1.0044.0015 https://support.microsoft.com/help/5078943 11664 5078943 41ae55e9310ff27fa6f26af4727e5590 <a href="https://twitter.com/hoangnx99">Hoangnx and hoangha</a> with <a href="https://lab.viettelcybersecurity.com/">VCSLab of Viettel Cyber Security</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-28T07:00:00 <p>Added acknowledgements. This is an informational change only.</p> Win32k Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Win32K - GRFX Microsoft Yes CVE-2026-33104 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20853 Elevation of Privilege 20854 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20853 Important 20854 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Marcin Wiazowski working with <a href="https://www.zerodayinitiative.com/">TrendAI Zero Day Initiative</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>Yes, the Preview Pane is an attack vector.</p> Microsoft Office Word Microsoft Yes CVE-2026-33114 Untrusted Pointer Dereference 11762 11763 11951 11952 11953 12420 12421 12440 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 12420 Critical 12421 Critical 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes tiebuchen 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>Yes, the Preview Pane is an attack vector.</p> Microsoft Office Word Microsoft Yes CVE-2026-33115 Use After Free 11762 11763 11951 11952 11953 12420 12421 12440 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 12420 Critical 12421 Critical 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes <a href="https://linkedin.com/in/ghirmay">Ghirmay Desta</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5292 Out of bounds read in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5292 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5291 Inappropriate implementation in WebGL <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5291 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:56 <p>Information published.</p> Chromium: CVE-2026-5290 Use after free in Compositing <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5290 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:55 <p>Information published.</p> Chromium: CVE-2026-5277 Integer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5277 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:46 <p>Information published.</p> Chromium: CVE-2026-5276 Insufficient policy enforcement in WebUSB <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5276 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:45 <p>Information published.</p> Chromium: CVE-2026-5275 Heap buffer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5275 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:44 <p>Information published.</p> Chromium: CVE-2026-5274 Integer overflow in Codecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5274 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:43 <p>Information published.</p> Chromium: CVE-2026-5273 Use after free in CSS <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5273 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:42 <p>Information published.</p> Chromium: CVE-2026-5272 Heap buffer overflow in GPU <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5272 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:41 <p>Information published.</p> Windows TCP/IP Remote Code Execution Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine.</p> Windows TCP/IP Microsoft Yes CVE-2026-33827 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 20853 Remote Code Execution 20854 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Critical 11568 Critical 11569 Critical 11571 Critical 11572 Critical 11923 Critical 11924 Critical 11929 Critical 11930 Critical 11931 Critical 12097 Critical 12098 Critical 12099 Critical 12437 Critical 20437 Critical 20438 Critical 12242 Critical 12243 Critical 12244 Critical 12389 Critical 12390 Critical 12436 Critical 20853 Critical 20854 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Critical 10378 Critical 10379 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 WARP & MORSE team at Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability <p>Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An unauthenticated attacker could send specially crafted packets to a Windows machine with Internet Key Exchange (IKE) version 2 enabled, which could enable remote code execution.</p> Windows IKE Extension Microsoft Yes CVE-2026-33824 Double Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 20853 Remote Code Execution 20854 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Critical 11568 Critical 11569 Critical 11571 Critical 11572 Critical 11923 Critical 11924 Critical 11929 Critical 11930 Critical 11931 Critical 12097 Critical 12098 Critical 12099 Critical 12437 Critical 20437 Critical 20438 Critical 12242 Critical 12243 Critical 12244 Critical 12389 Critical 12390 Critical 12436 Critical 20853 Critical 20854 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 <p>The following <a href="https://technet.microsoft.com/library/security/dn848375.aspx#Mitigation">mitigating factors</a> might be helpful in your situation:</p> <p>Customers who cannot immediately install the security update can take one of the following actions, depending on their environment:</p> <ul> <li>Block inbound traffic on UDP ports 500 and 4500 for systems that do not use IKE.</li> <li>For systems that require IKE, configure firewall rules to allow inbound traffic on UDP ports 500 and 4500 only from known peer addresses.</li> </ul> <p><em><strong>These actions reduce the attack surface but do not replace installing the security update when it becomes available.</strong></em></p> WARP & MORSE team at Microsoft WARP & MORSE team at Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Snipping Tool Spoofing Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must induce the user into launching a crafted malicious link and confirming the launch of the Snipping Tool program.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could induce the user into clicking a specially crafted link in a Web browser or other URL source, by embedding it in a Web page or email message. If the user approves the launching of the link, the crafted URL can induce the computer to connect to an SMB server of the attacker’s choosing, which would disclose the user’s NTLMv2 hash to the attacker, who could use this to authenticate as the user.</p> Windows Snipping Tool Microsoft Yes CVE-2026-33829 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 10378 10379 10483 10543 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 20853 Spoofing 20854 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Moderate 11568 Moderate 11569 Moderate 11571 Moderate 11572 Moderate 11923 Moderate 11924 Moderate 11929 Moderate 11930 Moderate 11931 Moderate 12097 Moderate 12098 Moderate 12099 Moderate 12437 Moderate 20437 Moderate 20438 Moderate 12242 Moderate 12243 Moderate 12244 Moderate 12389 Moderate 12390 Moderate 12436 Moderate 20853 Moderate 20854 Moderate 10852 Moderate 10853 Moderate 10816 Moderate 10855 Moderate 10378 Moderate 10379 Moderate 10483 Moderate 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11568 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11569 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11571 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11572 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11923 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11924 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11929 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11930 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11931 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12097 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12098 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12099 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12437 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20437 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20438 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12242 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12243 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12244 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12389 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12390 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12436 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20853 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20854 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10852 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10853 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10816 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10855 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10378 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10379 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10483 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://www.linkedin.com/in/mdiazcast/">Marcos D&#237;az</a> with <a href="https://www.tarlogic.com/blackarrow/">Blackarrow (Tarlogic)</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability <p>Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is file content.</p> Universal Plug and Play (upnp.dll) Microsoft Yes CVE-2026-32214 Improper Access Control 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5899 Incorrect security UI in History Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5899 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:48 <p>Information published.</p> Microsoft Edge (Chromium-based) Spoofing Vulnerability <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker would have to send the victim a malicious file that the victim would have to execute.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2026-33118 User Interface (UI) Misrepresentation of Critical Information 11655 Spoofing 11655 Low 11655 Publicly Disclosed:No;Exploited:No 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes nakanoou 1.0 2026-04-10T07:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability <p>User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. * In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2026-33119 User Interface (UI) Misrepresentation of Critical Information 11815 Spoofing 11815 Moderate 11815 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.4 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 11815 Release Notes 11815 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11815 Release Notes <a href="https://twitter.com/renwax23">Renwa (@RenwaX23)</a> <a href="https://www.linkedin.com/in/jodyritonga/">Jody Ritonga</a> with test 1.0 2026-04-10T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5896 Policy bypass in Audio <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5896 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:45 <p>Information published.</p> Chromium: CVE-2026-5897 Incorrect security UI in Downloads <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5897 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:46 <p>Information published.</p> Chromium: CVE-2026-5898 Incorrect security UI in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5898 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:47 <p>Information published.</p> Chromium: CVE-2026-5894 Inappropriate implementation in PDF <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5894 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:43 <p>Information published.</p> Chromium: CVE-2026-5895 Incorrect security UI in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5895 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:44 <p>Information published.</p> Chromium: CVE-2026-5889 Cryptographic Flaw in PDFium <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5889 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:38 <p>Information published.</p> Chromium: CVE-2026-5892 Insufficient policy enforcement in PWAs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5892 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:41 <p>Information published.</p> Chromium: CVE-2026-5890 Race in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5890 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:39 <p>Information published.</p> Chromium: CVE-2026-5893 Race in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5893 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:42 <p>Information published.</p> Chromium: CVE-2026-5884 Insufficient validation of untrusted input in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5884 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:33 <p>Information published.</p> Chromium: CVE-2026-5887 Insufficient validation of untrusted input in Downloads <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5887 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:36 <p>Information published.</p> Chromium: CVE-2026-5883 Use after free in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5883 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:32 <p>Information published.</p> Chromium: CVE-2026-5879 Insufficient validation of untrusted input in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5879 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:28 <p>Information published.</p> Chromium: CVE-2026-5885 Insufficient validation of untrusted input in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5885 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:34 <p>Information published.</p> Chromium: CVE-2026-5891 Insufficient policy enforcement in browser UI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5891 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:40 <p>Information published.</p> Chromium: CVE-2026-5881 Policy bypass in LocalNetworkAccess <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5881 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:30 <p>Information published.</p> Chromium: CVE-2026-5878 Incorrect security UI in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5878 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:27 <p>Information published.</p> Chromium: CVE-2026-5877 Use after free in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5877 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:26 <p>Information published.</p> Chromium: CVE-2026-5888 Uninitialized Use in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5888 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:37 <p>Information published.</p> Chromium: CVE-2026-5874 Use after free in PrivateAI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5874 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:23 <p>Information published.</p> Chromium: CVE-2026-5886 Out of bounds read in WebAudio <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5886 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:35 <p>Information published.</p> Chromium: CVE-2026-5876 Side-channel information leakage in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5876 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:25 <p>Information published.</p> Chromium: CVE-2026-5872 Use after free in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5872 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:21 <p>Information published.</p> Chromium: CVE-2026-5875 Policy bypass in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5875 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:24 <p>Information published.</p> Chromium: CVE-2026-5873 Out of bounds read and write in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5873 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:22 <p>Information published.</p> Chromium: CVE-2026-5871 Type Confusion in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5871 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:20 <p>Information published.</p> Chromium: CVE-2026-5867 Heap buffer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5867 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:16 <p>Information published.</p> Chromium: CVE-2026-5868 Heap buffer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5868 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:17 <p>Information published.</p> Chromium: CVE-2026-5866 Use after free in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5866 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:15 <p>Information published.</p> Chromium: CVE-2026-5869 Heap buffer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5869 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:18 <p>Information published.</p> Chromium: CVE-2026-5864 Heap buffer overflow in WebAudio <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5864 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:13 <p>Information published.</p> Chromium: CVE-2026-5861 Use after free in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5861 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:10 <p>Information published.</p> Chromium: CVE-2026-5862 Inappropriate implementation in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5862 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:11 <p>Information published.</p> Chromium: CVE-2026-5860 Use after free in WebRTC <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5860 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:09 <p>Information published.</p> Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5919 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:06 <p>Information published.</p> Chromium: CVE-2026-5858 Heap buffer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5858 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:05 <p>Information published.</p> Chromium: CVE-2026-5859 Integer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5859 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:08 <p>Information published.</p> Chromium: CVE-2026-5918 Inappropriate implementation in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5918 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:05 <p>Information published.</p> Chromium: CVE-2026-5863 Inappropriate implementation in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5863 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:12 <p>Information published.</p> Chromium: CVE-2026-5913 Out of bounds read in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5913 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:02 <p>Information published.</p> Chromium: CVE-2026-5912 Integer overflow in WebRTC <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5912 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:01 <p>Information published.</p> Chromium: CVE-2026-5914 Type Confusion in CSS <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5914 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:03 <p>Information published.</p> Chromium: CVE-2026-5865 Type Confusion in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5865 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:14 <p>Information published.</p> Chromium: CVE-2026-5870 Integer overflow in Skia <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5870 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:18 <p>Information published.</p> Chromium: CVE-2026-5915 Insufficient validation of untrusted input in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5915 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:04 <p>Information published.</p> Chromium: CVE-2026-5908 Integer overflow in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5908 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:57 <p>Information published.</p> Chromium: CVE-2026-5909 Integer overflow in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5909 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:58 <p>Information published.</p> Chromium: CVE-2026-5905 Incorrect security UI in Permissions <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5905 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:54 <p>Information published.</p> Chromium: CVE-2026-5911 Policy bypass in ServiceWorkers <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5911 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:00 <p>Information published.</p> Chromium: CVE-2026-5906 Incorrect security UI in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5906 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:55 <p>Information published.</p> Chromium: CVE-2026-5907 Insufficient data validation in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5907 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:56 <p>Information published.</p> Chromium: CVE-2026-5901 Policy bypass in DevTools <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5901 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:50 <p>Information published.</p> Chromium: CVE-2026-5904 Use after free in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5904 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:53 <p>Information published.</p> Chromium: CVE-2026-5910 Integer overflow in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5910 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:59 <p>Information published.</p> Chromium: CVE-2026-5900 Policy bypass in Downloads <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5900 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:49 <p>Information published.</p> Chromium: CVE-2026-5903 Policy bypass in IFrameSandbox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5903 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:52 <p>Information published.</p> Chromium: CVE-2026-5902 Race in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5902 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:51 <p>Information published.</p> Chromium: CVE-2026-5882 Incorrect security UI in Fullscreen <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5882 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:31 <p>Information published.</p> Chromium: CVE-2026-5880 Incorrect security UI in browser UI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5880 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:29 <p>Information published.</p> Chromium: CVE-2026-6296 Heap buffer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6296 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:46 <p>Information published.</p> Chromium: CVE-2026-6363 Type Confusion in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6363 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:13 <p>Information published.</p> Chromium: CVE-2026-6359 Use after free in Video <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6359 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:09 <p>Information published.</p> Chromium: CVE-2026-6364 Out of bounds read in Skia <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6364 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:14 <p>Information published.</p> Chromium: CVE-2026-6362 Use after free in Codecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6362 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:12 <p>Information published.</p> Chromium: CVE-2026-6313 Insufficient policy enforcement in CORS <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6313 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:04 <p>Information published.</p> Chromium: CVE-2026-6314 Out of bounds write in GPU <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6314 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:05 <p>Information published.</p> Chromium: CVE-2026-6318 Use after free in Codecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6318 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:09 <p>Information published.</p> Chromium: CVE-2026-6361 Heap buffer overflow in PDFium <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6361 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:11 <p>Information published.</p> Chromium: CVE-2026-6310 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6310 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:02 <p>Information published.</p> Chromium: CVE-2026-6360 Use after free in FileSystem <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6360 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:10 <p>Information published.</p> Chromium: CVE-2026-6316 Use after free in Forms <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6316 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:06 <p>Information published.</p> Chromium: CVE-2026-6309 Use after free in Viz <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6309 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:01 <p>Information published.</p> Chromium: CVE-2026-6311 Uninitialized Use in Accessibility <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6311 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:03 <p>Information published.</p> Chromium: CVE-2026-6307 Type Confusion in Turbofan <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6307 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:59 <p>Information published.</p> Chromium: CVE-2026-6306 Heap buffer overflow in PDFium <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6306 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:58 <p>Information published.</p> Chromium: CVE-2026-6303 Use after free in Codecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6303 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:55 <p>Information published.</p> Chromium: CVE-2026-6308 Out of bounds read in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6308 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:00 <p>Information published.</p> Chromium: CVE-2026-6302 Use after free in Video <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6302 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:54 <p>Information published.</p> Chromium: CVE-2026-6300 Use after free in CSS <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6300 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:52 <p>Information published.</p> Chromium: CVE-2026-6304 Use after free in Graphite <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6304 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:56 <p>Information published.</p> Chromium: CVE-2026-6305 Heap buffer overflow in PDFium <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6305 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:57 <p>Information published.</p> Chromium: CVE-2026-6301 Type Confusion in Turbofan <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6301 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:53 <p>Information published.</p> Chromium: CVE-2026-6317 Use after free in Cast <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6317 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:08 <p>Information published.</p> Chromium: CVE-2026-6312 Insufficient policy enforcement in Passwords <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6312 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:04 <p>Information published.</p> Chromium: CVE-2026-6298 Heap buffer overflow in Skia <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6298 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:50 <p>Information published.</p> Chromium: CVE-2026-6297 Use after free in Proxy <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6297 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:49 <p>Information published.</p> Chromium: CVE-2026-6299 Use after free in Prerender <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.72</td> <td>04/17/2026</td> <td>147.0.7727.102</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6299 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.72 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-17T07:00:51 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-32078 Use After Free 11924 11923 11572 11571 11930 11929 11569 11568 11931 12097 12098 12437 12099 12242 20438 12243 12389 12390 12244 20437 12436 20854 20853 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11572 Elevation of Privilege 11571 Elevation of Privilege 11930 Elevation of Privilege 11929 Elevation of Privilege 11569 Elevation of Privilege 11568 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 12242 Elevation of Privilege 20438 Elevation of Privilege 12243 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12244 Elevation of Privilege 20437 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11924 Important 11923 Important 11572 Important 11571 Important 11930 Important 11929 Important 11569 Important 11568 Important 11931 Important 12097 Important 12098 Important 12437 Important 12099 Important 12242 Important 20438 Important 12243 Important 12389 Important 12390 Important 12244 Important 20437 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11572 11571 11569 11568 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11572 11571 11569 11568 5082123 5082123 https://support.microsoft.com/help/5082123 11572 11571 11569 11568 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11930 11929 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11930 11929 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11930 11929 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5083769 https://support.microsoft.com/help/5083769 20438 12389 12390 20437 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-6921 Race in GPU <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.86</td> <td>04/24/2026</td> <td>147.0.7727.116/.117</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6921 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.86 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-24T23:57:43 <p>Information published.</p> Azure SRE Agent Information Disclosure Vulnerability <p>Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Azure SRE Agent Microsoft No CVE-2026-32173 Improper Authentication 21062 Information Disclosure 21062 Critical 21062 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 8.6 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 21062 <a href="https://twitter.com/yanir_">Yanir Tsarimi</a> with <a href="https://enclave.ai/">Enclave</a> 1.0 2026-04-02T07:00:00 <p>Information published.</p> ASP.NET Core Elevation of Privilege Vulnerability <p>Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>How do I know if I'm affected?</strong></p> <p>You are affected if all three of the following are true:</p> <ol> <li>Your application uses Microsoft.AspNetCore.DataProtection 10.0.6 from NuGet (directly, or through a package that depends on it such as Microsoft.AspNetCore.DataProtection.StackExchangeRedis).</li> <li>The NuGet copy of the library was actually loaded at runtime — not the shared framework copy. This typically means you deploy self-contained, or your installed shared framework is older than the NuGet package version.</li> <li>Your application runs on Linux, macOS, or another non-Windows OS.</li> </ol> <p>How do I determine if the vulnerable binary was loaded?</p> <p>Check application logs. The clearest symptom is users being logged out and repeated &quot;The payload was invalid&quot; errors in your logs after upgrading to 10.0.6. Check your project file. Look for a PackageReference to Microsoft.AspNetCore.DataProtection version 10.0.6 in your .csproj file (or in a package that depends on it). You can also run dotnet list package to see resolved package versions.</p> <p>Inspect the binary on disk. See [https://file+.vscode-resource.vscode-cdn.net/c%3A/Users/shalter/Downloads/advisory-upd-1.md#technical-details]Technical details for how to distinguish the affected NuGet binary from the correct shared framework binary by file size.</p> <p><strong>Additional information</strong></p> <p>Shared framework deployments are not affected. If your application runs framework-dependent and the installed ASP.NET Core shared framework version is ≥ your Microsoft.AspNetCore.DataProtection PackageReference version, the correct shared framework binary is loaded and the NuGet binary is never used.</p> <p>Windows deployments are not affected. On Windows, DataProtection uses CNG-based encryptors by default, which do not contain this bug. 8.0.x and 9.0.x packages are not affected. The defective code path was introduced during 10.0 development and was never backported.</p> <p>Windows with managed algorithms: If you run on Windows but explicitly opted into managed algorithms via UseCustomCryptographicAlgorithms, you are also affected. Older target frameworks: A smaller population running net462 / netstandard2.0 with Microsoft.AspNetCore.DataProtection 10.0.0–10.0.6 is affected on all operating systems. See [https://file+.vscode-resource.vscode-cdn.net/c%3A/Users/shalter/Downloads/advisory-upd-1.md#technical-details]Technical details for specifics.</p> <p><a href="https://github.com/dotnet/announcements/issues/395">https://github.com/dotnet/announcements/issues/395</a></p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and integrity (I:H), but could lead to no loss of availability (A:N). What does that mean for this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow an attacker to disclose files and modify data, but the attacker cannot impact the availability of the system.</p> ASP.NET Core Microsoft Yes CVE-2026-40372 Improper Verification of Cryptographic Signature 20932 21244 Elevation of Privilege 20932 Elevation of Privilege 21244 Important 20932 Important 21244 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 9.1 7.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20932 5091596 https://dotnet.microsoft.com/en-us/download/dotnet/10.0 20932 Maybe Security Update 10.0.7 https://support.microsoft.com/help/5091596 20932 5091596 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2026 version 18.5 21244 Maybe Security Update 18.5.2 https://learn.microsoft.com/en-us/visualstudio/releases/2026/release-notes 21244 Release Notes Anonymous 1.0 2026-04-21T07:00:00 <p>Information published.</p> 2.0 2026-04-28T07:00:00 <p>This CVE has been updated to include the Visual Studios 2026 18.5 as an Affected Software</p> Microsoft Purview eDiscovery Elevation of Privilege Vulnerability <p>Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Purview Microsoft No CVE-2026-26150 Server-Side Request Forgery (SSRF) 21234 Elevation of Privilege 21234 Critical 21234 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 8.6 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 21234 Felix B. 1.0 2026-04-23T07:00:00 <p>Information published.</p> Microsoft Partner Center Elevation of Privilege Vulnerability <p>Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Partner Center Microsoft No CVE-2026-24303 Improper Access Control 12429 Elevation of Privilege 12429 Critical 12429 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 9.6 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12429 Shyam Datti with Microsoft Corporation 1.0 2026-04-23T07:00:00 <p>Information published.</p> Microsoft Entra ID Entitlement Management Spoofing Vulnerability <p>Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Entra ID Entitlement Management Microsoft No CVE-2026-35431 Server-Side Request Forgery (SSRF) 12383 Spoofing 12383 Critical 12383 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 10.0 8.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12383 Felix B. 1.0 2026-04-23T07:00:00 <p>Information published.</p> Microsoft Power Apps Remote Code Execution Vulnerability <p>Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Power Apps Microsoft No CVE-2026-32172 Uncontrolled Search Path Element 12186 Remote Code Execution 12186 Critical 12186 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 8.0 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12186 Hritik Sateesh, Application Security Researcher with <a href="https://www.stantec.com/">Stantec</a> 1.0 2026-04-23T07:00:00 <p>Information published.</p> Azure IoT Central Elevation of Privilege Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Azure IOT Central Microsoft No CVE-2026-21515 Exposure of Sensitive Information to an Unauthorized Actor 20842 Elevation of Privilege 20842 Critical 20842 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 9.9 8.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20842 <a href="https://www.linkedin.com/in/hay-mizrachi/">Hay Mizrachi</a> with <a href="https://microsoft.com/">Microsoft</a> 1.0 2026-04-23T07:00:00 <p>Information published.</p> Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability <p>Server-side request forgery (ssrf) in Azure Custom Locations Resource Provider (RP) allows an authorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Azure Custom Locations Resource Provider (RP) Microsoft No CVE-2026-26135 Server-Side Request Forgery (SSRF) 21164 Elevation of Privilege 21164 Critical 21164 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 9.6 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 21164 <a href="https://www.linkedin.com/in/amir-gombo-39771b25a/">Amir Gombo</a> with Microsoft <a href="https://www.linkedin.com/in/yonatan-migdal-57998a115">Yonatan Migdal</a> with Microsoft 1.0 2026-04-02T07:00:00 <p>Information published.</p> Azure MCP Server Information Disclosure Vulnerability <p>Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Azure MCP Server Microsoft No CVE-2026-32211 Missing Authentication for Critical Function 12385 Information Disclosure 12385 Critical 12385 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 9.1 7.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12385 Sriharsha Pallekonda with <a href="https://www.microsoft.com/">Microsoft</a> <a href="https://www.linkedin.com/in/vamsi-nukavarapu/">Vamsi Nukavarapu</a> with <a href="https://www.microsoft.com/">Microsoft</a> 1.0 2026-04-02T07:00:00 <p>Information published.</p> Azure AI Foundry Elevation of Privilege Vulnerability <p>Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Azure AI Foundry Microsoft No CVE-2026-32213 Improper Authorization 12505 Elevation of Privilege 12505 Critical 12505 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 10.0 8.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12505 Anonymous 1.0 2026-04-02T07:00:00 <p>Information published.</p> Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability <p>Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.</p> <p><strong>Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?</strong></p> <p>This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.</p> <p>Please see <a href="https://aka.ms/MSRC-Cloud-CVEs">Toward greater transparency: Unveiling Cloud Service CVEs</a> for more information.</p> Microsoft Azure Kubernetes Service Microsoft No CVE-2026-33105 Improper Authorization 11870 Elevation of Privilege 11870 Critical 11870 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 10.0 8.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11870 <a href="https://www.linkedin.com/in/amir-gombo-39771b25a/">Amir Gombo</a> with Microsoft 1.0 2026-04-02T07:00:00 <p>Information published.</p> Windows Snipping Tool Remote Code Execution Vulnerability <p>Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.</p> <p>For example, when the score indicates that the <strong>Attack Vector</strong> is <strong>Local</strong> and <strong>User Interaction</strong> is <strong>Required</strong>, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.</p> Windows Snipping Tool Microsoft Yes CVE-2026-32183 Improper Neutralization of Special Elements used in a Command ('Command Injection') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Julien Brianceau with Microsoft Nacl Zeeshan Shaikh (@bugzzzhunter) working with <a href="https://www.zerodayinitiative.com/">TrendAI Zero Day Initiative</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET Framework Denial of Service Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> .NET Framework Microsoft Yes CVE-2026-32226 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11650-12097 11650-12086 11650-10853 11650-10543 11650-10379 11650-10483 11676-11569 11676-11568 11676-11570 11676-11803 11676-11926 11676-11930 11676-11929 11676-11931 11677-11569 11677-11570 11862-11568 11862-11569 11862-11570 12078-11924 12079-11929 12079-11930 12079-11931 12079-12085 12079-12086 12079-12244 12079-12243 12079-12389 12079-12390 2472-10483 2472-10543 12079-20853 12079-20854 11676-11923 11676-11924 11676-12097 11676-12098 11676-12099 11677-11568 11863-10379 11863-10378 11863-10543 11863-10483 12079-11923 12079-11924 12079-12097 12079-12098 12079-12099 12079-20437 12079-20438 12079-12242 2472-10378 2472-10379 12079-12437 12079-12436 Denial of Service 11650-12097 Denial of Service 11650-12086 Denial of Service 11650-10853 Denial of Service 11650-10543 Denial of Service 11650-10379 Denial of Service 11650-10483 Denial of Service 11676-11569 Denial of Service 11676-11568 Denial of Service 11676-11570 Denial of Service 11676-11803 Denial of Service 11676-11926 Denial of Service 11676-11930 Denial of Service 11676-11929 Denial of Service 11676-11931 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 11862-11568 Denial of Service 11862-11569 Denial of Service 11862-11570 Denial of Service 12078-11924 Denial of Service 12079-11929 Denial of Service 12079-11930 Denial of Service 12079-11931 Denial of Service 12079-12085 Denial of Service 12079-12086 Denial of Service 12079-12244 Denial of Service 12079-12243 Denial of Service 12079-12389 Denial of Service 12079-12390 Denial of Service 2472-10483 Denial of Service 2472-10543 Denial of Service 12079-20853 Denial of Service 12079-20854 Denial of Service 11676-11923 Denial of Service 11676-11924 Denial of Service 11676-12097 Denial of Service 11676-12098 Denial of Service 11676-12099 Denial of Service 11677-11568 Denial of Service 11863-10379 Denial of Service 11863-10378 Denial of Service 11863-10543 Denial of Service 11863-10483 Denial of Service 12079-11923 Denial of Service 12079-11924 Denial of Service 12079-12097 Denial of Service 12079-12098 Denial of Service 12079-12099 Denial of Service 12079-20437 Denial of Service 12079-20438 Denial of Service 12079-12242 Denial of Service 2472-10378 Denial of Service 2472-10379 Denial of Service 12079-12437 Denial of Service 12079-12436 Important 11650-12097 Important 11650-12086 Important 11650-10853 Important 11650-10543 Important 11650-10379 Important 11650-10483 Important 11676-11569 Important 11676-11568 Important 11676-11570 Important 11676-11803 Important 11676-11926 Important 11676-11930 Important 11676-11929 Important 11676-11931 Important 11677-11569 Important 11677-11570 Important 11862-11568 Important 11862-11569 Important 11862-11570 Important 12078-11924 Important 12079-11929 Important 12079-11930 Important 12079-11931 Important 12079-12085 Important 12079-12086 Important 12079-12244 Important 12079-12243 Important 12079-12389 Important 12079-12390 Important 2472-10483 Important 2472-10543 Important 12079-20853 Important 12079-20854 Important 11676-11923 Important 11676-11924 Important 11676-12097 Important 11676-12098 Important 11676-12099 Important 11677-11568 Important 11863-10379 Important 11863-10378 Important 11863-10543 Important 11863-10483 Important 12079-11923 Important 12079-11924 Important 12079-12097 Important 12079-12098 Important 12079-12099 Important 12079-20437 Important 12079-20438 Important 12079-12242 Important 2472-10378 Important 2472-10379 Important 12079-12437 Important 12079-12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-12097 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-12086 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10853 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10543 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10379 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10483 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11569 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11568 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11570 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11803 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11926 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11930 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11929 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11931 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11569 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11570 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11862-11568 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11862-11569 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11862-11570 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12078-11924 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11929 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11930 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11931 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12085 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12086 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12244 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12243 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12389 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12390 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10483 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10543 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20853 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20854 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11923 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11924 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12097 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12098 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12099 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11568 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10379 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10378 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10543 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10483 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11923 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11924 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12097 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12098 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12099 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20437 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20438 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12242 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10378 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10379 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12437 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12436 5082426 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082426 11650-12097 11676-11803 11676-11926 11676-12097 11676-12098 11676-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082426 11650-12097 11676-11803 11676-11926 11676-12097 11676-12098 11676-12099 5082426 5082426 https://support.microsoft.com/help/5082426 11650-12097 11676-11803 11676-11926 11676-12097 11676-12098 11676-12099 5082424 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082424 11650-12086 12079-12085 12079-12086 12079-12243 12079-12242 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082424 11650-12086 12079-12085 12079-12086 12079-12243 12079-12242 5082424 5082411 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082411 11650-10853 11650-10543 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082411 11650-10853 11650-10543 5082411 5082403 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082403 11650-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082403 11650-10379 5082403 5082404 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082404 11650-10483 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082404 11650-10483 5082404 5082414 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082414 11676-11569 11676-11568 11676-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0 https://support.microsoft.com/help/5082414 11676-11569 11676-11568 11676-11570 5082414 5082419 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082419 11676-11930 11676-11929 11676-11931 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082419 11676-11930 11676-11929 11676-11931 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082419 5082419 https://support.microsoft.com/help/5082419 11676-11930 11676-11929 11676-11931 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082413 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082413 11677-11569 11677-11570 11862-11568 11862-11569 11862-11570 11677-11568 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0 https://support.microsoft.com/help/5082413 11677-11569 11677-11570 11862-11568 11862-11569 11862-11570 11677-11568 5082413 5082425 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082425 12078-11924 12079-11923 12079-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082425 12078-11924 12079-11923 12079-11924 5082425 5082418 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082418 12079-12244 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082418 12079-12244 5082418 5082420 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082420 12079-12389 12079-12390 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082420 12079-12389 12079-12390 5082420 5082406 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082406 2472-10483 2472-10543 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082406 2472-10483 2472-10543 5082406 5082421 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082421 12079-20853 12079-20854 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082421 12079-20853 12079-20854 5082421 5082427 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082427 11676-11923 11676-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082427 11676-11923 11676-11924 5082427 5082400 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082400 11863-10379 11863-10378 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082400 11863-10379 11863-10378 5082400 5082402 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082402 11863-10543 11863-10483 Maybe Security Update 4.7.4141.0 https://support.microsoft.com/help/5082402 11863-10543 11863-10483 5082402 5082417 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082417 12079-20437 12079-20438 12079-12437 12079-12436 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082417 12079-20437 12079-20438 12079-12437 12079-12436 5082417 5082398 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082398 2472-10378 2472-10379 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082398 2472-10378 2472-10379 5082398 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> 2.0 2026-05-11T07:00:00 <p>This CVE has been updated to include additional Security Updates for .NET Framework</p> Chromium: CVE-2026-6919 Use after free in DevTools <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?</strong></p> <p>Yes. Customers should apply all updates offered for the software installed on their systems.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.86</td> <td>04/24/2026</td> <td>147.0.7727.116/.117</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-6919 11815 11655 11815 11655 11815 11655 Release Notes 11815 No Security Update 147.0.3912.87 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11815 Release Notes Release Notes 11655 No Security Update 147.0.3912.86 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 2.0 2026-04-28T07:00:00 <p>Added a second Security Update to Edge for Andoird. Customers that are running supported version of Edge for Andoird are encouraged to install the update to be protected from this vulnerability.</p> 1.0 2026-04-24T23:57:39 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>In this case, a successful attack could be performed from a low privilege <a href="https://docs.microsoft.com/windows/win32/secauthz/appcontainer-isolation">AppContainer</a>. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26168 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082123 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://support.microsoft.com/help/5082200 11929 11930 11931 12097 12098 12099 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://support.microsoft.com/help/5083769 20437 20438 12389 12390 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082052 https://support.microsoft.com/help/5082052 12242 12243 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082198 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/vtuberfrederica">Frederica</a> with <a href="https://xlab.tencent.com/">Tencent Xuanwu Lab</a> using the Atuin Automated Vulnerability Discovery System Thanatos Tian (HKPolyU) & @2st___ of Diffract & Zhiniang Peng with HUST <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> Anonymous 1.2 2026-05-29T07:00:00 <p>Updated an acknowledgement. This is an informational change only.</p> 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-21T07:00:00 <p>Acknowledgement added. This is an informational change only.</p>