April 2026 Security Updates Security Update secure@microsoft.com The Microsoft Security Response Center (MSRC) identifies, monitors, resolves, and responds to security incidents and Microsoft software security vulnerabilities. For more information, see http://www.microsoft.com/security/msrc. 2026-Apr 2026-Apr Final 1.0 235 2026-04-15T14:46:03 April 2026 Security Updates 2026-04-14T07:00:00 2026-04-15T14:46:03 <h2 id="this-release-consists-of-the-following-165-microsoft-cves">This release consists of the following 165 Microsoft CVEs:</h2> <table> <thead> <tr> <th>Tag</th> <th>CVE</th> <th>Base Score</th> <th>CVSS Vector</th> <th>Exploitability</th> <th>FAQs?</th> <th>Workarounds?</th> <th>Mitigations?</th> </tr> </thead> <tbody> <tr> <td>Windows Boot Loader</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-0390">CVE-2026-0390</a></td> <td>6.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows COM</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20806">CVE-2026-20806</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Recovery Environment Agent</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20928">CVE-2026-20928</a></td> <td>4.6</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Management Services</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20930">CVE-2026-20930</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office SharePoint</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20945">CVE-2026-20945</a></td> <td>4.6</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>GitHub Copilot and Visual Studio Code</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23653">CVE-2026-23653</a></td> <td>5.7</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23657">CVE-2026-23657</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET Framework</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23666">CVE-2026-23666</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Virtualization-Based Security (VBS) Enclave</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23670">CVE-2026-23670</a></td> <td>5.7</td> <td>CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Applocker Filter Driver (applockerfltr.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-25184">CVE-2026-25184</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft PowerShell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26143">CVE-2026-26143</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Power Apps</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26149">CVE-2026-26149</a></td> <td>9.0</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Desktop</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26151">CVE-2026-26151</a></td> <td>7.1</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Cryptographic Services</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26152">CVE-2026-26152</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Encrypting File System (EFS)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26153">CVE-2026-26153</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Server Update Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26154">CVE-2026-26154</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Local Security Authority Subsystem Service (LSASS)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26155">CVE-2026-26155</a></td> <td>6.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Role: Windows Hyper-V</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26156">CVE-2026-26156</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Desktop Licensing Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26159">CVE-2026-26159</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Desktop Licensing Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26160">CVE-2026-26160</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Sensor Data Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26161">CVE-2026-26161</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows OLE</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26162">CVE-2026-26162</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26163">CVE-2026-26163</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26165">CVE-2026-26165</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26166">CVE-2026-26166</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26167">CVE-2026-26167</a></td> <td>8.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26168">CVE-2026-26168</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel Memory</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26169">CVE-2026-26169</a></td> <td>6.1</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft PowerShell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26170">CVE-2026-26170</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26171">CVE-2026-26171</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26172">CVE-2026-26172</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26173">CVE-2026-26173</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Server Update Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26174">CVE-2026-26174</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Boot Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26175">CVE-2026-26175</a></td> <td>4.6</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Client Side Caching driver (csc.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26176">CVE-2026-26176</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26177">CVE-2026-26177</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Advanced Rasterization Platform</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26178">CVE-2026-26178</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26179">CVE-2026-26179</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26180">CVE-2026-26180</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Brokering File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26181">CVE-2026-26181</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26182">CVE-2026-26182</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows RPC API</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26183">CVE-2026-26183</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26184">CVE-2026-26184</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Hello</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27906">CVE-2026-27906</a></td> <td>4.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Storage Spaces Controller</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27907">CVE-2026-27907</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows TDI Translation Driver (tdx.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27908">CVE-2026-27908</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Windows Search Component</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27909">CVE-2026-27909</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Installer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27910">CVE-2026-27910</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27911">CVE-2026-27911</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kerberos</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27912">CVE-2026-27912</a></td> <td>8.0</td> <td>CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows BitLocker</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27913">CVE-2026-27913</a></td> <td>7.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Management Console</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27914">CVE-2026-27914</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27915">CVE-2026-27915</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27916">CVE-2026-27916</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27917">CVE-2026-27917</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27918">CVE-2026-27918</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27919">CVE-2026-27919</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27920">CVE-2026-27920</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows TCP/IP</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27921">CVE-2026-27921</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27922">CVE-2026-27922</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27923">CVE-2026-27923</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27924">CVE-2026-27924</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27925">CVE-2026-27925</a></td> <td>6.5</td> <td>CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Cloud Files Mini Filter Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27926">CVE-2026-27926</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27927">CVE-2026-27927</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Hello</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27928">CVE-2026-27928</a></td> <td>8.7</td> <td>CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows LUAFV</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27929">CVE-2026-27929</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows GDI</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27930">CVE-2026-27930</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows GDI</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27931">CVE-2026-27931</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows SSDP Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32068">CVE-2026-32068</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32069">CVE-2026-32069</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Common Log File System Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32070">CVE-2026-32070</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Local Security Authority Subsystem Service (LSASS)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32071">CVE-2026-32071</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Active Directory</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32072">CVE-2026-32072</a></td> <td>6.2</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32073">CVE-2026-32073</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32074">CVE-2026-32074</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32075">CVE-2026-32075</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Storage Spaces Controller</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32076">CVE-2026-32076</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32077">CVE-2026-32077</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Projected File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32078">CVE-2026-32078</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows File Explorer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32079">CVE-2026-32079</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows WalletService</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32080">CVE-2026-32080</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows File Explorer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32081">CVE-2026-32081</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows SSDP Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32082">CVE-2026-32082</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows SSDP Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32083">CVE-2026-32083</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows File Explorer</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32084">CVE-2026-32084</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Remote Procedure Call</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32085">CVE-2026-32085</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32086">CVE-2026-32086</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32087">CVE-2026-32087</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Biometric Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32088">CVE-2026-32088</a></td> <td>6.1</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Speech Brokered Api</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32089">CVE-2026-32089</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Speech Brokered Api</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32090">CVE-2026-32090</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Brokering File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32091">CVE-2026-32091</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32093">CVE-2026-32093</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Role: Windows Hyper-V</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32149">CVE-2026-32149</a></td> <td>7.3</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Function Discovery Service (fdwsd.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32150">CVE-2026-32150</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32151">CVE-2026-32151</a></td> <td>6.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32152">CVE-2026-32152</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Windows Speech</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32153">CVE-2026-32153</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32154">CVE-2026-32154</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Desktop Window Manager</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32155">CVE-2026-32155</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Universal Plug and Play (UPnP) Device Host</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32156">CVE-2026-32156</a></td> <td>7.4</td> <td>CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Remote Desktop Client</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32157">CVE-2026-32157</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32158">CVE-2026-32158</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32159">CVE-2026-32159</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Push Notifications</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32160">CVE-2026-32160</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows COM</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32162">CVE-2026-32162</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32163">CVE-2026-32163</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32164">CVE-2026-32164</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows User Interface Core</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32165">CVE-2026-32165</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>SQL Server</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32167">CVE-2026-32167</a></td> <td>6.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure Monitor Agent</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32168">CVE-2026-32168</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure Logic Apps</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32171">CVE-2026-32171</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>SQL Server</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32176">CVE-2026-32176</a></td> <td>6.7</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32178">CVE-2026-32178</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Windows</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32181">CVE-2026-32181</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Snipping Tool</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32183">CVE-2026-32183</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft High Performance Compute Pack (HPC)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32184">CVE-2026-32184</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32188">CVE-2026-32188</a></td> <td>7.1</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32189">CVE-2026-32189</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32190">CVE-2026-32190</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Azure Monitor Agent</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32192">CVE-2026-32192</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32195">CVE-2026-32195</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Admin Center</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32196">CVE-2026-32196</a></td> <td>6.1</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32197">CVE-2026-32197</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32198">CVE-2026-32198</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Excel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32199">CVE-2026-32199</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office PowerPoint</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32200">CVE-2026-32200</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office SharePoint</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32201">CVE-2026-32201</a></td> <td>6.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C</td> <td>Exploitation Detected</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202">CVE-2026-32202</a></td> <td>4.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET and Visual Studio</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32203">CVE-2026-32203</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Universal Plug and Play (upnp.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32212">CVE-2026-32212</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Universal Plug and Play (upnp.dll)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32214">CVE-2026-32214</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32215">CVE-2026-32215</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Redirected Drive Buffering</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32216">CVE-2026-32216</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32217">CVE-2026-32217</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Kernel</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32218">CVE-2026-32218</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Brokering File System</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32219">CVE-2026-32219</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Virtualization-Based Security (VBS) Enclave</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32220">CVE-2026-32220</a></td> <td>4.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Graphics Component</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32221">CVE-2026-32221</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Win32K - ICOMP</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32222">CVE-2026-32222</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows USB Print Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32223">CVE-2026-32223</a></td> <td>6.8</td> <td>CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Server Update Service</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32224">CVE-2026-32224</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Shell</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32225">CVE-2026-32225</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET Framework</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32226">CVE-2026-32226</a></td> <td>5.9</td> <td>CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33095">CVE-2026-33095</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows HTTP.sys</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33096">CVE-2026-33096</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td><strong>Yes</strong></td> </tr> <tr> <td>Windows Container Isolation FS Filter Driver</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33098">CVE-2026-33098</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33099">CVE-2026-33099</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Ancillary Function Driver for WinSock</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33100">CVE-2026-33100</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Print Spooler Components</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33101">CVE-2026-33101</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Dynamics 365 (on-premises)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33103">CVE-2026-33103</a></td> <td>5.5</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Win32K - GRFX</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33104">CVE-2026-33104</a></td> <td>7.0</td> <td>CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33114">CVE-2026-33114</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33115">CVE-2026-33115</a></td> <td>8.4</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>.NET, .NET Framework, Visual Studio</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33116">CVE-2026-33116</a></td> <td>7.5</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33118">CVE-2026-33118</a></td> <td>4.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C</td> <td>N/A</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33119">CVE-2026-33119</a></td> <td>5.4</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>SQL Server</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33120">CVE-2026-33120</a></td> <td>8.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Microsoft Office Word</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33822">CVE-2026-33822</a></td> <td>6.1</td> <td>CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows IKE Extension</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33824">CVE-2026-33824</a></td> <td>9.8</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td><strong>Yes</strong></td> </tr> <tr> <td>Microsoft Defender</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33825">CVE-2026-33825</a></td> <td>7.8</td> <td>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Active Directory</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33826">CVE-2026-33826</a></td> <td>8.0</td> <td>CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation More Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows TCP/IP</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33827">CVE-2026-33827</a></td> <td>8.1</td> <td>CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C</td> <td>Exploitation Less Likely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Windows Snipping Tool</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33829">CVE-2026-33829</a></td> <td>4.3</td> <td>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C</td> <td>Exploitation Unlikely</td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> </tbody> </table> <h2 id="we-are-republishing-82-non-microsoft-cves">We are republishing 82 non-Microsoft CVEs:</h2> <table> <thead> <tr> <th>CNA</th> <th>Tag</th> <th>CVE</th> <th>FAQs?</th> <th>Workarounds?</th> <th>Mitigations?</th> </tr> </thead> <tbody> <tr> <td>AMD</td> <td>Input-Output Memory Management Unit (IOMMU)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-20585">CVE-2023-20585</a></td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>HackerOne</td> <td>Node.js</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-21637">CVE-2026-21637</a></td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>MITRE</td> <td>Windows Secure Boot</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-25250">CVE-2026-25250</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>GitHub</td> <td>GitHub Repo: Git for Windows</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32631">CVE-2026-32631</a></td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5272">CVE-2026-5272</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5273">CVE-2026-5273</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5274">CVE-2026-5274</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5275">CVE-2026-5275</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5276">CVE-2026-5276</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5277">CVE-2026-5277</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5279">CVE-2026-5279</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5280">CVE-2026-5280</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5281">CVE-2026-5281</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5283">CVE-2026-5283</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5284">CVE-2026-5284</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5285">CVE-2026-5285</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5286">CVE-2026-5286</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5287">CVE-2026-5287</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5289">CVE-2026-5289</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5290">CVE-2026-5290</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5291">CVE-2026-5291</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5292">CVE-2026-5292</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5858">CVE-2026-5858</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5859">CVE-2026-5859</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5860">CVE-2026-5860</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5861">CVE-2026-5861</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5862">CVE-2026-5862</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5863">CVE-2026-5863</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5864">CVE-2026-5864</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5865">CVE-2026-5865</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5866">CVE-2026-5866</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5867">CVE-2026-5867</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5868">CVE-2026-5868</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5869">CVE-2026-5869</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5870">CVE-2026-5870</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5871">CVE-2026-5871</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5872">CVE-2026-5872</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5873">CVE-2026-5873</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5874">CVE-2026-5874</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5875">CVE-2026-5875</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5876">CVE-2026-5876</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5877">CVE-2026-5877</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5878">CVE-2026-5878</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5879">CVE-2026-5879</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5880">CVE-2026-5880</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5881">CVE-2026-5881</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5882">CVE-2026-5882</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5883">CVE-2026-5883</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5884">CVE-2026-5884</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5885">CVE-2026-5885</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5886">CVE-2026-5886</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5887">CVE-2026-5887</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5888">CVE-2026-5888</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5889">CVE-2026-5889</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5890">CVE-2026-5890</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5891">CVE-2026-5891</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5892">CVE-2026-5892</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5893">CVE-2026-5893</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5894">CVE-2026-5894</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5895">CVE-2026-5895</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5896">CVE-2026-5896</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5897">CVE-2026-5897</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5898">CVE-2026-5898</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5899">CVE-2026-5899</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5900">CVE-2026-5900</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5901">CVE-2026-5901</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5902">CVE-2026-5902</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5903">CVE-2026-5903</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5904">CVE-2026-5904</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5905">CVE-2026-5905</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5906">CVE-2026-5906</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5907">CVE-2026-5907</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5908">CVE-2026-5908</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5909">CVE-2026-5909</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5910">CVE-2026-5910</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5911">CVE-2026-5911</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5912">CVE-2026-5912</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5913">CVE-2026-5913</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5914">CVE-2026-5914</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5915">CVE-2026-5915</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5918">CVE-2026-5918</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> <tr> <td>Chrome</td> <td>Microsoft Edge (Chromium-based)</td> <td><a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-5919">CVE-2026-5919</a></td> <td><strong>Yes</strong></td> <td>No</td> <td>No</td> </tr> </tbody> </table> <h2 id="security-update-guide-blog-posts">Security Update Guide Blog Posts</h2> <table> <thead> <tr> <th>Date</th> <th>Blog Post</th> </tr> </thead> <tbody> <tr> <td>October 31, 2025</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/introducing-new-features-improved-security-experience">You asked, we delivered: Introducing new features for an improved security experience</a></td> </tr> <tr> <td>October 28, 2025</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/understanding-cve-2025-55315">Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know</a></td> </tr> <tr> <td>October 22, 2025</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">Toward greater transparency: Introducing machine-readable Vulnerability Exploitability Xchange (VEX) for Azure Linux and beyond</a></td> </tr> <tr> <td>November 12, 2024</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2024/11/toward-greater-transparency-publishing-machine-readable-csaf-files">Toward greater transparency: Publishing machine-readable CSAF files</a></td> </tr> <tr> <td>June 27, 2024</td> <td><a href="https://msrc.microsoft.com/blog/2024/06/toward-greater-transparency-unveiling-cloud-service-cves1/">Toward greater transparency: Unveiling Cloud Service CVEs</a></td> </tr> <tr> <td>April 9, 2024</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2024/04/toward-greater-transparency-adopting-the-cwe-standard-for-microsoft-cves">Toward greater transparency: Security Update Guide now shares CWEs for CVEs</a></td> </tr> <tr> <td>January 6, 2023</td> <td><a href="https://www.microsoft.com/en-us/msrc/blog/2023/01/publishing-cbl-mariner-cves-on-the-security-update-guide-cvrf-api/">Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API</a></td> </tr> <tr> <td>January 11, 2022</td> <td><a href="https://aka.ms/SUGNotificationProfile">Coming Soon: New Security Update Guide Notification System</a></td> </tr> <tr> <td>February 9, 2021</td> <td><a href="https://msrc-blog.microsoft.com/2021/02/09/continuing-to-listen-good-news-about-the-security-update-guide-api/">Continuing to Listen: Good News about the Security Update Guide API</a></td> </tr> <tr> <td>January 13, 2021</td> <td><a href="https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/">Security Update Guide Supports CVEs Assigned by Industry Partners</a></td> </tr> <tr> <td>December 8, 2020</td> <td><a href="https://msrc-blog.microsoft.com/2020/12/08/security-update-guide-lets-keep-the-conversation-going/">Security Update Guide: Let’s keep the conversation going</a></td> </tr> <tr> <td>November 9, 2020</td> <td><a href="https://msrc-blog.microsoft.com/2020/11/09/vulnerability-descriptions-in-the-new-version-of-the-security-update-guide/">Vulnerability Descriptions in the New Version of the Security Update Guide</a></td> </tr> </tbody> </table> <h2 id="relevant-resources">Relevant Resources</h2> <ul> <li>The new Hotpatching feature is now generally available. Please see <a href="https://docs.microsoft.com/en-us/azure/automanage/automanage-hotpatch?WT.mc_id=modinfra-18529-thmaure">Hotpatching feature for Windows Server Azure Edition virtual machines (VMs)</a> for more information.</li> <li>Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the <a href="https://www.catalog.update.microsoft.com/Home.aspx">Microsoft Update Catalog</a>. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see <a href="https://docs.microsoft.com/en-us/lifecycle/faq/windows">Windows Lifecycle Facts Sheet</a>.</li> <li>Microsoft is improving Windows Release Notes. For more information, please see <a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-next-for-windows-release-notes/ba-p/1754399">What's next for Windows release notes</a>.</li> <li>A list of the latest servicing stack updates for each operating system can be found in <a href="https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001">ADV990001</a>. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.</li> <li>In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.</li> <li>Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See <a href="https://support.microsoft.com/en-us/topic/procedure-to-continue-receiving-security-updates-after-extended-support-ends-on-january-14-2020-48c59204-fe67-3f42-84fc-c3c3145ff28e">4522133</a> for more information.</li> </ul> <h2 id="known-issues">Known Issues</h2> <p>You can see these in more detail from the Deployments tab by selecting <strong>Known Issues</strong> column in the <strong>Edit Columns</strong> panel.</p> <p>For more information about Windows Known Issues, please see <a href="https://docs.microsoft.com/en-us/windows/release-information/windows-message-center">Windows message center</a> (links to currently-supported versions of Windows are in the left pane).</p> <table> <thead> <tr> <th>KB Article</th> <th>Applies To</th> </tr> </thead> <tbody> <tr> <td><a href="https://support.microsoft.com/help/5082060">5082060</a></td> <td>Windows Server 2022 23H2</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5082063">5082063</a></td> <td>Windows Server 2025</td> </tr> <tr> <td><a href="https://support.microsoft.com/help/5082142">5082142</a></td> <td>Windows Server 2022</td> </tr> </tbody> </table> The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows Server 2025 (Server Core installation) Windows 11 Version 25H2 for ARM systems Windows 11 Version 25H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems Windows Server 2025 Windows 11 Version 26H1 for ARM64-based Systems Windows 11 version 26H1 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows App Client for Windows Desktop Remote Desktop client for Windows Desktop Windows Admin Center Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Microsoft Visual Studio Code CoPilot Chat Extension Microsoft Visual Studio 2022 version 17.12 Microsoft Visual Studio 2022 version 17.14 .NET 10.0 installed on Windows .NET 10.0 installed on Mac OS .NET 10.0 installed on Linux .NET 8.0 .NET 8.0 installed on Linux .NET 8.0 installed on Windows .NET 8.0 installed on Mac OS .NET 9.0 installed on Linux .NET 9.0 installed on Windows .NET 9.0 installed on Mac OS Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation) Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 4.8 on Windows Server 2012 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems Microsoft .NET Framework 3.5 on Windows Server 2012 Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for x64-based Systems Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) PowerShell 7.5 PowerShell 7.4 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Server Subscription Edition Office Online Server Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office LTSC 2024 for 32-bit editions Microsoft Office LTSC 2024 for 64-bit editions Microsoft Office LTSC for Mac 2024 Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft PowerPoint 2016 (32-bit edition) Microsoft PowerPoint 2016 (64-bit edition) Microsoft Power Apps Microsoft Dynamics 365 (on-premises) version 9.0 Microsoft SQL Server 2025 for x64-based Systems (CU3) Microsoft SQL Server 2022 for x64-based Systems (CU 24) Microsoft SQL Server 2017 for x64-based Systems (GDR) Microsoft SQL Server 2019 for x64-based Systems (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack Microsoft SQL Server 2022 for x64-based Systems (GDR) Microsoft SQL Server 2017 for x64-based Systems (CU 31) Microsoft SQL Server 2025 for x64-based Systems (GDR) Microsoft SQL Server 2019 for x64-based Systems (CU 32) Azure Monitor Agent Microsoft HPC Pack 2019 Azure Logic Apps Microsoft Edge (Chromium-based) Microsoft Edge for Android Microsoft Defender Antimalware Platform cbl2 sqlite 3.39.2-4 on CBL Mariner 2.0 azl3 xz 5.4.4-2 on Azure Linux 3.0 azl3 sudo 1.9.17-1 on Azure Linux 3.0 azl3 gcc 13.2.0-7 on Azure Linux 3.0 azl3 libcontainers-common 20240213-3 on Azure Linux 3.0 azl3 sqlite 3.44.0-2 on Azure Linux 3.0 cbl2 sqlite 3.39.2-3 on CBL Mariner 2.0 azl3 openssh 9.8p1-5 on Azure Linux 3.0 cbl2 openssh 8.9p1-9 on CBL Mariner 2.0 cbl2 cmake 3.21.4-23 on CBL Mariner 2.0 cbl2 xz 5.2.5-1 on CBL Mariner 2.0 azl3 rust 1.75.0-27 on Azure Linux 3.0 cbl2 rust 1.72.0-15 on CBL Mariner 2.0 azl3 rust 1.90.0-6 on Azure Linux 3.0 azl3 xz 5.4.4-3 on Azure Linux 3.0 azl3 cups 2.4.16-1 on Azure Linux 3.0 cbl2 cups 2.3.3op2-11 on CBL Mariner 2.0 azl3 kernel 6.6.130.1-3 on Azure Linux 3.0 azl3 util-linux 2.40.2-3 on Azure Linux 3.0 cbl2 util-linux 2.37.4-10 on CBL Mariner 2.0 azl3 util-linux 2.40.2-4 on Azure Linux 3.0 cbl2 sudo 1.9.17-1 on CBL Mariner 2.0 azl3 poetry 1.8.3-1 on Azure Linux 3.0 cbl2 vim 9.2.0240-1 on CBL Mariner 2.0 azl3 vim 9.2.0240-1 on Azure Linux 3.0 cbl2 avahi 0.8-5 on CBL Mariner 2.0 azl3 avahi 0.8-7 on Azure Linux 3.0 azl3 avahi 0.8-8 on Azure Linux 3.0 azl3 openssl 3.3.5-4 on Azure Linux 3.0 cbl2 cloud-hypervisor-cvm 38.0.72.2-5 on CBL Mariner 2.0 azl3 cloud-hypervisor 48.0.246-4 on Azure Linux 3.0 azl3 nodejs24 24.13.0-3 on Azure Linux 3.0 azl3 qemu 9.1.0-1 on Azure Linux 3.0 azl3 nodejs24 24.14.1-1 on Azure Linux 3.0 cbl2 cloud-hypervisor 32.0-7 on CBL Mariner 2.0 cbl2 edk2 20230301gitf80f052277c8-47 on CBL Mariner 2.0 cbl2 hvloader 1.0.1-18 on CBL Mariner 2.0 cbl2 openssl 1.1.1k-39 on CBL Mariner 2.0 cbl2 qemu 6.2.0-27 on CBL Mariner 2.0 azl3 pytorch 2.2.2-12 on Azure Linux 3.0 cbl2 pytorch 2.0.0-15 on CBL Mariner 2.0 azl3 kernel 6.6.0.0-1 on Azure Linux 3.0 cbl2 kernel 5.15.202.1-1 on CBL Mariner 2.0 azl3 azurelinux-image-tools 1.2.0-2 on Azure Linux 3.0 azl3 cloud-provider-kubevirt 0.5.1-3 on Azure Linux 3.0 azl3 containerd2 2.0.0-18 on Azure Linux 3.0 azl3 containerized-data-importer 1.62.0-2 on Azure Linux 3.0 azl3 coredns 1.11.4-15 on Azure Linux 3.0 azl3 cri-tools 1.32.0-4 on Azure Linux 3.0 cbl2 etcd 3.5.28-1 on CBL Mariner 2.0 azl3 etcd 3.5.28-1 on Azure Linux 3.0 azl3 gh 2.62.0-13 on Azure Linux 3.0 azl3 keda 2.14.1-11 on Azure Linux 3.0 azl3 telegraf 1.31.0-17 on Azure Linux 3.0 cbl2 golang 1.18.8-10 on CBL Mariner 2.0 cbl2 golang 1.22.7-5 on CBL Mariner 2.0 azl3 golang 1.25.8-1 on Azure Linux 3.0 azl3 golang 1.26.1-1 on Azure Linux 3.0 cbl2 msft-golang 1.25.8-1 on CBL Mariner 2.0 azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0 cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0 azl3 tensorflow 2.16.1-11 on Azure Linux 3.0 azl3 golang 1.25.9-1 on Azure Linux 3.0 azl3 golang 1.26.2-1 on Azure Linux 3.0 cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0 cbl2 libcap 2.60-7 on CBL Mariner 2.0 azl3 libcap 2.69-13 on Azure Linux 3.0 azl3 libcap 2.69-14 on Azure Linux 3.0 cbl2 helm 3.14.2-10 on CBL Mariner 2.0 azl3 libpng 1.6.56-1 on Azure Linux 3.0 cbl2 libpng 1.6.56-1 on CBL Mariner 2.0 azl3 systemd 255-26 on Azure Linux 3.0 cbl2 systemd 250.3-24 on CBL Mariner 2.0 cbl2 osslsigncode 2.7-1 on CBL Mariner 2.0 azl3 libexif 0.6.24-2 on Azure Linux 3.0 cbl2 libexif 0.6.24-2 on CBL Mariner 2.0 azl3 mesa 24.0.1-6 on Azure Linux 3.0 azl3 haproxy 2.9.11-4 on Azure Linux 3.0 cbl2 mariadb 10.6.25-1 on CBL Mariner 2.0 azl3 mariadb 10.11.16-1 on Azure Linux 3.0 cbl2 libinput 1.21.0-2 on CBL Mariner 2.0 azl3 libinput 1.25.0-1 on Azure Linux 3.0 azl3 sleuthkit 4.12.1-1 on Azure Linux 3.0 cbl2 sleuthkit 4.9.0-4 on CBL Mariner 2.0 azl3 kernel 0.0.0-1 on Azure Linux 3.0 azl3 rubygem-addressable 2.8.5-2 on Azure Linux 3.0 cbl2 rubygem-addressable 2.8.0-2 on CBL Mariner 2.0 azl3 edk2 20240524git3e722403cd16-15 on Azure Linux 3.0 azl3 docker-buildx 0.14.0-10 on Azure Linux 3.0 azl3 docker-compose 2.27.0-8 on Azure Linux 3.0 cbl2 moby-buildx 0.7.1-28 on CBL Mariner 2.0 cbl2 moby-compose 2.17.3-14 on CBL Mariner 2.0 cbl2 moby-containerd 1.6.26-13 on CBL Mariner 2.0 cbl2 moby-containerd-cc 1.7.7-13 on CBL Mariner 2.0 cbl2 moby-engine 24.0.9-19 on CBL Mariner 2.0 cbl2 prometheus 2.37.9-7 on CBL Mariner 2.0 azl3 moby-containerd-cc 1.7.7-10 on Azure Linux 3.0 azl3 moby-engine 25.0.3-15 on Azure Linux 3.0 cbl2 containerized-data-importer 1.55.0-28 on CBL Mariner 2.0 cbl2 cri-o 1.22.3-20 on CBL Mariner 2.0 cbl2 gcc 11.2.0-9 on CBL Mariner 2.0 cbl2 libcontainers-common 20210626-7 on CBL Mariner 2.0 cbl2 skopeo 1.14.2-15 on CBL Mariner 2.0 azl3 skopeo 1.14.4-9 on Azure Linux 3.0 azl3 javapackages-bootstrap 1.14.0-4 on Azure Linux 3.0 cbl2 python3 3.9.19-19 on CBL Mariner 2.0 azl3 python3 3.12.9-10 on Azure Linux 3.0 cbl2 rubygem-rdiscount 2.2.0.2-3 on CBL Mariner 2.0 azl3 rubygem-rdiscount 2.2.7.1-1 on Azure Linux 3.0 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft PowerPoint 2016 (32-bit edition) Microsoft PowerPoint 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Windows Server 2016 Office Online Server Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 (Server Core installation) Microsoft SharePoint Enterprise Server 2016 Microsoft SQL Server 2017 for x64-based Systems (GDR) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft SharePoint Server 2019 Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Windows Admin Center Microsoft .NET Framework 4.8 on Windows Server 2012 Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.8 on Windows Server 2012 R2 Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems Microsoft Edge (Chromium-based) Microsoft Dynamics 365 (on-premises) version 9.0 Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1809 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows Server, version 20H2 (Server Core Installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Microsoft Defender Antimalware Platform Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Edge for Android Microsoft SQL Server 2019 for x64-based Systems (GDR) Remote Desktop client for Windows Desktop Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Microsoft Office LTSC for Mac 2021 Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft SharePoint Server Subscription Edition Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 21H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 23H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2022, 23H2 Edition (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 24H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 Microsoft .NET Framework 3.5 AND 4.8.1 on Windows Server 2025 (Server Core installation) Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for ARM systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 25H2 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 version 26H1 for x64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for ARM64-based Systems Microsoft .NET Framework 3.5 AND 4.8.1 on Windows 11 Version 26H1 for x64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Microsoft SQL Server 2017 for x64-based Systems (CU 31) Microsoft SQL Server 2022 for x64-based Systems (GDR) Microsoft Power Apps Azure Logic Apps Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) .NET 8.0 PowerShell 7.4 Azure Monitor Agent Windows 11 Version 24H2 for ARM64-based Systems Windows 11 Version 24H2 for x64-based Systems .NET 8.0 installed on Windows .NET 8.0 installed on Linux .NET 8.0 installed on Mac OS Microsoft Office LTSC 2024 for 32-bit editions Microsoft Office LTSC 2024 for 64-bit editions .NET 9.0 installed on Linux .NET 9.0 installed on Mac OS .NET 9.0 installed on Windows Windows Server 2025 Windows Server 2025 (Server Core installation) Microsoft Office LTSC for Mac 2024 Microsoft HPC Pack 2019 Windows App Client for Windows Desktop Microsoft Visual Studio 2022 version 17.12 Microsoft Visual Studio 2022 version 17.14 Microsoft Visual Studio Code CoPilot Chat Extension Microsoft SQL Server 2019 for x64-based Systems (CU 32) PowerShell 7.5 azl3 libcontainers-common 20240213-3 on Azure Linux 3.0 azl3 gcc 13.2.0-7 on Azure Linux 3.0 azl3 xz 5.4.4-2 on Azure Linux 3.0 cbl2 sqlite 3.39.2-4 on CBL Mariner 2.0 azl3 sudo 1.9.17-1 on Azure Linux 3.0 cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0 azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0 cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0 azl3 poetry 1.8.3-1 on Azure Linux 3.0 cbl2 sqlite 3.39.2-3 on CBL Mariner 2.0 cbl2 libcontainers-common 20210626-7 on CBL Mariner 2.0 cbl2 cloud-hypervisor-cvm 38.0.72.2-5 on CBL Mariner 2.0 azl3 sleuthkit 4.12.1-1 on Azure Linux 3.0 cbl2 cloud-hypervisor 32.0-7 on CBL Mariner 2.0 cbl2 sudo 1.9.17-1 on CBL Mariner 2.0 azl3 sqlite 3.44.0-2 on Azure Linux 3.0 cbl2 golang 1.22.7-5 on CBL Mariner 2.0 Windows 11 Version 25H2 for ARM systems Windows 11 Version 25H2 for x64-based Systems cbl2 golang 1.18.8-10 on CBL Mariner 2.0 cbl2 openssh 8.9p1-9 on CBL Mariner 2.0 azl3 openssh 9.8p1-5 on Azure Linux 3.0 cbl2 gcc 11.2.0-9 on CBL Mariner 2.0 cbl2 moby-engine 24.0.9-19 on CBL Mariner 2.0 azl3 haproxy 2.9.11-4 on Azure Linux 3.0 azl3 cups 2.4.16-1 on Azure Linux 3.0 Microsoft SQL Server 2025 for x64-based Systems (GDR) cbl2 cups 2.3.3op2-11 on CBL Mariner 2.0 cbl2 util-linux 2.37.4-10 on CBL Mariner 2.0 azl3 util-linux 2.40.2-3 on Azure Linux 3.0 .NET 10.0 installed on Windows .NET 10.0 installed on Mac OS .NET 10.0 installed on Linux Windows 11 version 26H1 for x64-based Systems Windows 11 Version 26H1 for ARM64-based Systems cbl2 avahi 0.8-5 on CBL Mariner 2.0 azl3 avahi 0.8-7 on Azure Linux 3.0 cbl2 python3 3.9.19-19 on CBL Mariner 2.0 cbl2 helm 3.14.2-10 on CBL Mariner 2.0 azl3 qemu 9.1.0-1 on Azure Linux 3.0 azl3 pytorch 2.2.2-12 on Azure Linux 3.0 azl3 cloud-provider-kubevirt 0.5.1-3 on Azure Linux 3.0 azl3 containerd2 2.0.0-18 on Azure Linux 3.0 azl3 containerized-data-importer 1.62.0-2 on Azure Linux 3.0 azl3 cri-tools 1.32.0-4 on Azure Linux 3.0 azl3 docker-buildx 0.14.0-10 on Azure Linux 3.0 azl3 docker-compose 2.27.0-8 on Azure Linux 3.0 azl3 gh 2.62.0-13 on Azure Linux 3.0 cbl2 moby-compose 2.17.3-14 on CBL Mariner 2.0 cbl2 moby-containerd 1.6.26-13 on CBL Mariner 2.0 cbl2 moby-containerd-cc 1.7.7-13 on CBL Mariner 2.0 azl3 keda 2.14.1-11 on Azure Linux 3.0 cbl2 prometheus 2.37.9-7 on CBL Mariner 2.0 azl3 moby-containerd-cc 1.7.7-10 on Azure Linux 3.0 azl3 tensorflow 2.16.1-11 on Azure Linux 3.0 azl3 mariadb 10.11.16-1 on Azure Linux 3.0 azl3 nodejs24 24.13.0-3 on Azure Linux 3.0 azl3 systemd 255-26 on Azure Linux 3.0 cbl2 osslsigncode 2.7-1 on CBL Mariner 2.0 azl3 rubygem-rdiscount 2.2.7.1-1 on Azure Linux 3.0 cbl2 rubygem-rdiscount 2.2.0.2-3 on CBL Mariner 2.0 Microsoft SQL Server 2025 for x64-based Systems (CU3) Microsoft SQL Server 2022 for x64-based Systems (CU 24) cbl2 kernel 5.15.202.1-1 on CBL Mariner 2.0 azl3 kernel 6.6.130.1-3 on Azure Linux 3.0 azl3 python3 3.12.9-10 on Azure Linux 3.0 cbl2 pytorch 2.0.0-15 on CBL Mariner 2.0 azl3 libpng 1.6.56-1 on Azure Linux 3.0 cbl2 libpng 1.6.56-1 on CBL Mariner 2.0 cbl2 rust 1.72.0-15 on CBL Mariner 2.0 azl3 rust 1.75.0-27 on Azure Linux 3.0 azl3 golang 1.25.8-1 on Azure Linux 3.0 azl3 golang 1.26.1-1 on Azure Linux 3.0 cbl2 msft-golang 1.25.8-1 on CBL Mariner 2.0 cbl2 qemu 6.2.0-27 on CBL Mariner 2.0 cbl2 cmake 3.21.4-23 on CBL Mariner 2.0 azl3 rust 1.90.0-6 on Azure Linux 3.0 cbl2 systemd 250.3-24 on CBL Mariner 2.0 azl3 telegraf 1.31.0-17 on Azure Linux 3.0 cbl2 libexif 0.6.24-2 on CBL Mariner 2.0 cbl2 mariadb 10.6.25-1 on CBL Mariner 2.0 azl3 vim 9.2.0240-1 on Azure Linux 3.0 azl3 cloud-hypervisor 48.0.246-4 on Azure Linux 3.0 cbl2 vim 9.2.0240-1 on CBL Mariner 2.0 cbl2 xz 5.2.5-1 on CBL Mariner 2.0 azl3 openssl 3.3.5-4 on Azure Linux 3.0 cbl2 libinput 1.21.0-2 on CBL Mariner 2.0 azl3 libinput 1.25.0-1 on Azure Linux 3.0 azl3 kernel 0.0.0-1 on Azure Linux 3.0 azl3 kernel 6.6.0.0-1 on Azure Linux 3.0 azl3 rubygem-addressable 2.8.5-2 on Azure Linux 3.0 cbl2 rubygem-addressable 2.8.0-2 on CBL Mariner 2.0 azl3 edk2 20240524git3e722403cd16-15 on Azure Linux 3.0 azl3 azurelinux-image-tools 1.2.0-2 on Azure Linux 3.0 cbl2 moby-buildx 0.7.1-28 on CBL Mariner 2.0 azl3 moby-engine 25.0.3-15 on Azure Linux 3.0 azl3 coredns 1.11.4-15 on Azure Linux 3.0 cbl2 etcd 3.5.28-1 on CBL Mariner 2.0 azl3 etcd 3.5.28-1 on Azure Linux 3.0 cbl2 edk2 20230301gitf80f052277c8-47 on CBL Mariner 2.0 cbl2 hvloader 1.0.1-18 on CBL Mariner 2.0 cbl2 openssl 1.1.1k-39 on CBL Mariner 2.0 cbl2 containerized-data-importer 1.55.0-28 on CBL Mariner 2.0 cbl2 cri-o 1.22.3-20 on CBL Mariner 2.0 cbl2 skopeo 1.14.2-15 on CBL Mariner 2.0 azl3 skopeo 1.14.4-9 on Azure Linux 3.0 cbl2 libcap 2.60-7 on CBL Mariner 2.0 azl3 libcap 2.69-13 on Azure Linux 3.0 azl3 nodejs24 24.14.1-1 on Azure Linux 3.0 cbl2 sleuthkit 4.9.0-4 on CBL Mariner 2.0 azl3 javapackages-bootstrap 1.14.0-4 on Azure Linux 3.0 azl3 libexif 0.6.24-2 on Azure Linux 3.0 azl3 mesa 24.0.1-6 on Azure Linux 3.0 azl3 golang 1.25.9-1 on Azure Linux 3.0 azl3 avahi 0.8-8 on Azure Linux 3.0 azl3 golang 1.26.2-1 on Azure Linux 3.0 azl3 xz 5.4.4-3 on Azure Linux 3.0 azl3 util-linux 2.40.2-4 on Azure Linux 3.0 azl3 libcap 2.69-14 on Azure Linux 3.0 Microsoft .NET Framework 3.5 on Windows Server 2012 Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) Microsoft .NET Framework 3.5 on Windows Server 2012 R2 Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) Mariner mitre Yes CVE-2026-35414 Always-Incorrect Control Flow Implementation 20632-17084 20608-17086 20632-17084 20608-17086 Moderate 20632-17084 Low 20608-17086 4.2 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N 20632-17084 4.2 3.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U 20608-17086 2.0 2026-04-05T01:02:37 <p>Information published.</p> 3.0 2026-04-07T01:41:35 <p>Information published.</p> 1.0 2026-04-04T01:02:14 <p>Information published.</p> Mariner mitre Yes CVE-2026-35386 Incorrect Behavior Order 20632-17084 20608-17086 20632-17084 20608-17086 Low 20632-17084 Low 20608-17086 3.6 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N 20632-17084 3.6 3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U 20608-17086 CBL-Mariner Releases 20632-17084 No Security Update 9.8p1-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20632-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:20 <p>Information published.</p> 2.0 2026-04-07T01:02:11 <p>Information published.</p> 3.0 2026-04-11T01:39:56 <p>Information published.</p> XZ Utils: Buffer overflow in lzma_index_append() Mariner GitHub_M Yes CVE-2026-34743 Heap-based Buffer Overflow 19442-17084 21120-17086 21167-17086 21110-17084 21108-17086 21123-17084 21212-17084 19442-17084 21120-17086 21167-17086 21110-17084 21108-17086 21123-17084 21212-17084 Low 19442-17084 Low 21120-17086 Low 21167-17086 Low 21110-17084 Low 21108-17086 Low 21123-17084 Low 21212-17084 CBL-Mariner Releases 19442-17084 21212-17084 No Security Update 5.4.4-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19442-17084 21212-17084 CBL-Mariner Releases CBL-Mariner Releases 21167-17086 No Security Update 5.2.5-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21167-17086 CBL-Mariner Releases CBL-Mariner Releases 21110-17084 No Security Update 1.75.0-28 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21110-17084 CBL-Mariner Releases CBL-Mariner Releases 21108-17086 No Security Update 1.72.0-16 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21108-17086 CBL-Mariner Releases CBL-Mariner Releases 21123-17084 No Security Update 1.90.0-7 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21123-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:38 <p>Information published.</p> 2.0 2026-04-07T01:01:44 <p>Information published.</p> 3.0 2026-04-09T14:38:23 <p>Information published.</p> 4.0 2026-04-11T01:40:16 <p>Information published.</p> 5.0 2026-04-14T14:44:33 <p>Information published.</p> 6.0 2026-04-15T01:42:40 <p>Information published.</p> OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) Mariner GitHub_M Yes CVE-2026-34978 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 6.5 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P 20737-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 20768-17086 1.0 2026-04-05T01:01:34 <p>Information published.</p> 2.0 2026-04-07T01:40:49 <p>Information published.</p> 3.0 2026-04-09T01:01:30 <p>Information published.</p> OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup Mariner GitHub_M Yes CVE-2026-27447 Incorrect Authorization 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 4.8 4.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N/E:P 20737-17084 4.8 4.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N 20768-17086 1.0 2026-04-05T01:01:39 <p>Information published.</p> 2.0 2026-04-07T01:01:49 <p>Information published.</p> 3.0 2026-04-07T01:40:54 <p>Information published.</p> io_uring/poll: fix multishot recv missing EOF on wakeup race Mariner Linux Yes CVE-2026-23473 21094-17084 21094-17084 Moderate 21094-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-05T01:01:50 <p>Information published.</p> 2.0 2026-04-07T01:41:05 <p>Information published.</p> mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations Mariner Linux Yes CVE-2026-31394 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 CBL-Mariner Releases 21094-17084 No Security Update 6.6.130.1-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21094-17084 CBL-Mariner Releases 1.0 2026-04-05T01:02:02 <p>Information published.</p> 2.0 2026-04-07T14:37:49 <p>Information published.</p> drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Mariner Linux Yes CVE-2026-23468 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-05T01:02:13 <p>Information published.</p> 2.0 2026-04-07T01:41:20 <p>Information published.</p> ipv6: add NULL checks for idev in SRv6 paths Mariner Linux Yes CVE-2026-23442 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-05T01:02:19 <p>Information published.</p> 2.0 2026-04-07T01:41:25 <p>Information published.</p> util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup Mariner GitHub_M Yes CVE-2026-27456 Improper Link Resolution Before File Access ('Link Following') 20804-17084 20786-17086 21213-17084 20804-17084 20786-17086 21213-17084 Moderate 20804-17084 Moderate 20786-17086 Moderate 21213-17084 4.7 4.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U 20804-17084 4.7 4.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U 20786-17086 4.7 4.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U 21213-17084 CBL-Mariner Releases 20804-17084 21213-17084 No Security Update 2.40.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20804-17084 21213-17084 CBL-Mariner Releases 1.0 2026-04-05T01:02:24 <p>Information published.</p> 1.1 2026-04-06T14:38:10 <p>Information published.</p> 2.0 2026-04-07T01:02:16 <p>Information published.</p> 3.0 2026-04-07T01:41:30 <p>Information published.</p> 4.0 2026-04-14T01:41:50 <p>Information published.</p> 5.0 2026-04-14T14:44:40 <p>Information published.</p> Mariner mitre Yes CVE-2026-35535 Privilege Dropping / Lowering Errors 20260-17086 19595-17084 20260-17086 19595-17084 Important 20260-17086 Important 19595-17084 7.4 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 20260-17086 7.4 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 19595-17084 CBL-Mariner Releases 19595-17084 No Security Update 1.9.17-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19595-17084 CBL-Mariner Releases 1.0 2026-04-05T01:02:45 <p>Information published.</p> 2.0 2026-04-06T14:38:26 <p>Information published.</p> 3.0 2026-04-11T01:40:10 <p>Information published.</p> ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION Mariner Linux Yes CVE-2026-31410 21094-17084 21094-17084 Moderate 21094-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 21094-17084 1.0 2026-04-07T01:01:16 <p>Information published.</p> netfilter: conntrack: add missing netlink policy validations Mariner Linux Yes CVE-2026-31407 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 1.0 2026-04-07T01:01:22 <p>Information published.</p> Util-linux: util-linux: access control bypass due to improper hostname canonicalization Mariner redhat Yes CVE-2026-3184 Authentication Bypass by Alternate Name 20786-17086 20804-17084 21213-17084 20786-17086 20804-17084 21213-17084 Low 20786-17086 Low 20804-17084 Low 21213-17084 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 20786-17086 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 20804-17084 3.7 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U 21213-17084 CBL-Mariner Releases 20804-17084 21213-17084 No Security Update 2.40.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20804-17084 21213-17084 CBL-Mariner Releases 1.0 2026-04-07T01:02:25 <p>Information published.</p> 3.0 2026-04-14T14:44:51 <p>Information published.</p> 2.0 2026-04-14T01:41:57 <p>Information published.</p> Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write Mariner GitHub_M Yes CVE-2026-34591 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 19719-17084 19719-17084 Important 19719-17084 1.0 2026-04-07T01:02:30 <p>Information published.</p> Vim modeline bypass via various options affects Vim < 9.2.0276 Mariner GitHub_M Yes CVE-2026-34982 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 21163-17086 21147-17084 21163-17086 21147-17084 Important 21163-17086 Important 21147-17084 8.2 8.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N 21163-17086 8.2 8.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N 21147-17084 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0315-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 1.0 2026-04-08T01:01:19 <p>Information published.</p> 2.0 2026-04-09T01:02:34 <p>Information published.</p> Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon Mariner GitHub_M Yes CVE-2026-34933 Reachable Assertion 20861-17086 20862-17084 21205-17084 20861-17086 20862-17084 21205-17084 Moderate 20861-17086 Moderate 20862-17084 Moderate 21205-17084 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 20861-17086 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 20862-17084 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21205-17084 CBL-Mariner Releases 20861-17086 No Security Update 0.8-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20861-17086 CBL-Mariner Releases CBL-Mariner Releases 20862-17084 21205-17084 No Security Update 0.8-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20862-17084 21205-17084 CBL-Mariner Releases 1.0 2026-04-09T01:01:25 <p>Information published.</p> 2.0 2026-04-13T14:38:48 <p>Information published.</p> 3.0 2026-04-14T14:44:57 <p>Information published.</p> CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` Mariner GitHub_M Yes CVE-2026-39314 Integer Underflow (Wrap or Wraparound) 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 4.0 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20737-17084 4.0 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20768-17086 1.0 2026-04-09T01:01:57 <p>Information published.</p> 2.0 2026-04-11T01:01:16 <p>Information published.</p> Heap Buffer Overflow in Hexadecimal Conversion Mariner openssl Yes CVE-2026-31789 Out-of-bounds Write 21168-17084 19805-17086 21154-17084 21059-17084 20963-17084 21110-17084 21123-17084 21192-17084 21168-17084 19805-17086 21154-17084 21059-17084 20963-17084 21110-17084 21123-17084 21192-17084 Moderate 21168-17084 Important 19805-17086 Important 21154-17084 Moderate 21059-17084 Moderate 20963-17084 Important 21110-17084 Moderate 21123-17084 Moderate 21192-17084 4.7 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 21168-17084 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 19805-17086 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 21154-17084 7.3 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 21110-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 5.0 2026-04-15T01:45:06 <p>Information published.</p> 1.0 2026-04-09T01:02:03 <p>Information published.</p> 2.0 2026-04-10T14:39:30 <p>Information published.</p> 3.0 2026-04-11T01:05:12 <p>Information published.</p> 4.0 2026-04-14T14:45:44 <p>Information published.</p> Potential Use-after-free in DANE Client Code Mariner openssl Yes CVE-2026-28387 Use After Free 21168-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21059-17084 21118-17086 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 21168-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21059-17084 21118-17086 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 Low 21168-17084 Important 20115-17086 Important 19805-17086 Important 21154-17084 Moderate 21183-17086 Moderate 21184-17086 Moderate 21185-17086 Moderate 21059-17084 Moderate 21118-17086 Moderate 21108-17086 Moderate 20963-17084 Moderate 21110-17084 Moderate 21123-17084 Moderate 21192-17084 3.8 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 21168-17084 8.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 20115-17086 8.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 19805-17086 8.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21154-17084 7.0 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U 21183-17086 7.0 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U 21184-17086 7.0 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U 21185-17086 1.0 2026-04-09T01:02:09 <p>Information published.</p> 4.0 2026-04-15T01:44:18 <p>Information published.</p> 2.0 2026-04-11T01:04:19 <p>Information published.</p> 3.0 2026-04-14T14:46:16 <p>Information published.</p> Incorrect Failure Handling in RSA KEM RSASVE Encapsulation Mariner openssl Yes CVE-2026-31790 Improper Check for Unusual or Exceptional Conditions 21168-17084 21168-17084 Moderate 21168-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 21168-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 1.0 2026-04-09T01:02:14 <p>Information published.</p> 2.0 2026-04-10T14:39:43 <p>Information published.</p> NULL Pointer Dereference When Processing a Delta CRL Mariner openssl Yes CVE-2026-28388 NULL Pointer Dereference 21168-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21118-17086 21059-17084 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 21168-17084 20115-17086 19805-17086 21154-17084 21183-17086 21184-17086 21185-17086 21118-17086 21059-17084 21108-17086 20963-17084 21110-17084 21123-17084 21192-17084 Moderate 21168-17084 Moderate 20115-17086 Moderate 19805-17086 Important 21154-17084 Moderate 21183-17086 Moderate 21184-17086 Moderate 21185-17086 Moderate 21118-17086 Moderate 21059-17084 Moderate 21108-17086 Moderate 20963-17084 Moderate 21110-17084 Moderate 21123-17084 Moderate 21192-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21168-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 20115-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 19805-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21154-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21183-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21184-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21185-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21108-17086 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 1.0 2026-04-09T01:02:20 <p>Information published.</p> 2.0 2026-04-10T14:39:50 <p>Information published.</p> 5.0 2026-04-15T01:44:38 <p>Information published.</p> 3.0 2026-04-11T01:04:53 <p>Information published.</p> 4.0 2026-04-14T14:45:17 <p>Information published.</p> ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load Mariner GitHub_M Yes CVE-2026-34446 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20972-17084 21103-17086 20972-17084 21103-17086 Moderate 20972-17084 Moderate 21103-17086 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 20972-17084 4.7 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 21103-17086 1.0 2026-04-09T01:02:48 <p>Information published.</p> apparmor: fix: limit the number of levels of policy namespaces Mariner Linux Yes CVE-2026-23405 21173-17084 21173-17084 Moderate 21173-17084 6.5 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:21 <p>Information published.</p> Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver Mariner EEF Yes CVE-2026-28810 Generation of Predictable Numbers or Identifiers 21093-17086 21094-17084 21093-17086 21094-17084 Moderate 21093-17086 Moderate 21094-17084 1.0 2026-04-11T01:01:30 <p>Information published.</p> OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) Mariner GitHub_M Yes CVE-2026-29181 Allocation of Resources Without Limits or Throttling 21177-17084 20986-17084 20988-17084 20989-17084 21180-17084 20991-17084 21181-17086 21182-17084 20997-17084 21007-17084 21127-17084 21177-17084 20986-17084 20988-17084 20989-17084 21180-17084 20991-17084 21181-17086 21182-17084 20997-17084 21007-17084 21127-17084 Moderate 21177-17084 Moderate 20986-17084 Moderate 20988-17084 Moderate 20989-17084 Moderate 21180-17084 Moderate 20991-17084 Moderate 21181-17086 Moderate 21182-17084 Moderate 20997-17084 Moderate 21007-17084 Moderate 21127-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21177-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20986-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20988-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20989-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21180-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20991-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21181-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21182-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20997-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21007-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21127-17084 1.0 2026-04-11T01:03:43 <p>Information published.</p> Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile Mariner Go Yes CVE-2026-27144 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Important 20519-17086 Important 20387-17086 Important 21113-17084 Important 21116-17084 Important 21117-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Important 21203-17084 Important 21206-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 20519-17086 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 20387-17086 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21113-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21116-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21117-17086 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21203-17084 7.7 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U 21206-17084 3.0 2026-04-15T01:47:59 <p>Information published.</p> 1.0 2026-04-11T01:08:48 <p>Information published.</p> 2.0 2026-04-14T14:47:27 <p>Information published.</p> TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix Mariner Go Yes CVE-2026-32282 21203-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21206-17084 21203-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21206-17084 Moderate 21203-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Critical 19712-17086 Critical 19693-17084 Critical 19668-17086 Critical 21021-17084 Moderate 21206-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21203-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 20519-17086 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 20387-17086 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21113-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21116-17084 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21117-17086 5.3 4.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N/E:U 21206-17084 1.0 2026-04-11T01:09:15 <p>Information published.</p> 2.0 2026-04-14T14:46:24 <p>Information published.</p> 3.0 2026-04-15T01:48:20 <p>Information published.</p> Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 Mariner Go Yes CVE-2026-33810 21113-17084 21116-17084 21113-17084 21116-17084 Moderate 21113-17084 Moderate 21116-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 21113-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 21116-17084 CBL-Mariner Releases 21113-17084 No Security Update 1.25.9-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21113-17084 CBL-Mariner Releases CBL-Mariner Releases 21116-17084 No Security Update 1.26.2-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21116-17084 CBL-Mariner Releases 1.0 2026-04-11T01:10:17 <p>Information published.</p> 2.0 2026-04-14T14:47:37 <p>Information published.</p> Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() Mariner redhat Yes CVE-2026-4878 Time-of-check Time-of-use (TOCTOU) Race Condition 21190-17086 21191-17084 21214-17084 21190-17086 21191-17084 21214-17084 Moderate 21190-17086 Moderate 21191-17084 Moderate 21214-17084 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21190-17086 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21191-17084 6.7 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 21214-17084 CBL-Mariner Releases 21190-17086 No Security Update 2.60-8 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21190-17086 CBL-Mariner Releases CBL-Mariner Releases 21191-17084 21214-17084 No Security Update 2.69-14 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21191-17084 21214-17084 CBL-Mariner Releases 1.0 2026-04-11T01:10:27 <p>Information published.</p> 2.0 2026-04-13T14:40:25 <p>Information published.</p> 3.0 2026-04-14T14:47:44 <p>Information published.</p> Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment Mariner GitHub_M Yes CVE-2026-35206 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20941-17086 20941-17086 Moderate 20941-17086 1.0 2026-04-12T01:01:40 <p>Information published.</p> 2.0 2026-04-13T14:40:33 <p>Information published.</p> LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure Mariner GitHub_M Yes CVE-2026-34757 Use After Free 21104-17084 21105-17086 21104-17084 21105-17086 Moderate 21104-17084 Moderate 21105-17086 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 21104-17084 5.1 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 21105-17086 CBL-Mariner Releases 21104-17084 No Security Update 1.6.57-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21104-17084 CBL-Mariner Releases 1.0 2026-04-12T01:01:49 <p>Information published.</p> 2.0 2026-04-13T14:40:40 <p>Information published.</p> 3.0 2026-04-15T01:49:16 <p>Information published.</p> Mariner mitre Yes CVE-2026-40226 Use of Less Trusted Source 21060-17084 21125-17086 21060-17084 21125-17086 Moderate 21060-17084 Moderate 21125-17086 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21060-17084 6.4 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 21125-17086 1.0 2026-04-12T01:01:57 <p>Information published.</p> 2.0 2026-04-13T14:40:48 <p>Information published.</p> osslsigncode has a Stack Buffer Overflow via Unbounded Digest Copy During Signature Verification Mariner GitHub_M Yes CVE-2026-39853 Stack-based Buffer Overflow 21087-17086 21087-17086 Important 21087-17086 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 21087-17086 1.0 2026-04-12T01:02:14 <p>Information published.</p> 2.0 2026-04-13T14:40:53 <p>Information published.</p> osslsigncode has an Integer Underflow in PE Page Hash Calculation Can Cause Out-of-Bounds Read Mariner GitHub_M Yes CVE-2026-39855 Out-of-bounds Read 21087-17086 21087-17086 Moderate 21087-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21087-17086 1.0 2026-04-12T01:02:19 <p>Information published.</p> 2.0 2026-04-13T14:40:58 <p>Information published.</p> osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation Mariner GitHub_M Yes CVE-2026-39856 Out-of-bounds Read 21087-17086 21087-17086 Moderate 21087-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21087-17086 1.0 2026-04-12T01:02:25 <p>Information published.</p> 2.0 2026-04-13T14:41:03 <p>Information published.</p> Mariner mitre Yes CVE-2026-40385 Integer Overflow or Wraparound 21198-17084 21131-17086 21198-17084 21131-17086 Moderate 21198-17084 Moderate 21131-17086 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21198-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21131-17086 CBL-Mariner Releases 21198-17084 21131-17086 No Security Update 0.6.24-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21198-17084 21131-17086 CBL-Mariner Releases 1.0 2026-04-14T01:01:26 <p>Information published.</p> 2.0 2026-04-14T14:48:07 <p>Information published.</p> 3.0 2026-04-15T01:01:42 <p>Information published.</p> 4.0 2026-04-15T14:45:30 <p>Information published.</p> Mariner mitre Yes CVE-2026-40393 Out-of-bounds Write 21199-17084 21199-17084 Important 21199-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21199-17084 1.0 2026-04-14T01:01:32 <p>Information published.</p> netfilter: nfnetlink_log: account for netlink header size Mariner Linux Yes CVE-2026-31416 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 1.0 2026-04-14T01:01:38 <p>Information published.</p> net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() Mariner Linux Yes CVE-2026-31423 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-14T01:01:43 <p>Information published.</p> netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Mariner Linux Yes CVE-2026-31424 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-14T01:01:49 <p>Information published.</p> netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp Mariner Linux Yes CVE-2026-31427 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 1.0 2026-04-14T01:02:11 <p>Information published.</p> net: bonding: fix use-after-free in bond_xmit_broadcast() Mariner Linux Yes CVE-2026-31419 21094-17084 21094-17084 Important 21094-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H 21094-17084 1.0 2026-04-14T01:02:22 <p>Information published.</p> net/sched: cls_fw: fix NULL pointer dereference on shared blocks Mariner Linux Yes CVE-2026-31421 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-14T01:02:33 <p>Information published.</p> netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD Mariner Linux Yes CVE-2026-31428 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 21094-17084 1.0 2026-04-14T01:02:38 <p>Information published.</p> netfilter: ipset: drop logically empty buckets in mtype_del Mariner Linux Yes CVE-2026-31418 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 1.0 2026-04-14T01:02:44 <p>Information published.</p> 2.0 2026-04-14T01:44:36 <p>Information published.</p> Mariner mitre Yes CVE-2026-33555 Improper Handling of Length Parameter Inconsistency 20734-17084 20734-17084 Moderate 20734-17084 4.0 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N 20734-17084 1.0 2026-04-15T01:01:51 <p>Information published.</p> wc_VerifyEccsiHash missing sanity check Mariner wolfSSL Yes CVE-2026-5466 Improper Verification of Cryptographic Signature 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:01:59 <p>Information published.</p> wolfSSL ECDSA Certificate Verification Mariner wolfSSL Yes CVE-2026-5194 Improper Certificate Validation 21143-17086 21054-17084 21143-17086 21054-17084 Critical 21143-17086 Critical 21054-17084 1.0 2026-04-15T01:02:34 <p>Information published.</p> 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore Mariner wolfSSL Yes CVE-2026-5448 Heap-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Low 21143-17086 Low 21054-17084 1.0 2026-04-15T01:02:59 <p>Information published.</p> DTLS 1.3 ACK heap buffer overflow Mariner wolfSSL Yes CVE-2026-5264 Heap-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:03:33 <p>Information published.</p> Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path. Mariner wolfSSL Yes CVE-2026-5778 Integer Underflow (Wrap or Wraparound) 21054-17084 21143-17086 21054-17084 21143-17086 Low 21054-17084 Low 21143-17086 1.0 2026-04-15T01:03:58 <p>Information published.</p> Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3 Mariner wolfSSL Yes CVE-2026-5460 Use After Free 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:04:23 <p>Information published.</p> wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse Mariner wolfSSL Yes CVE-2026-5446 Reusing a Nonce, Key Pair in Encryption 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:04:48 <p>Information published.</p> KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE Mariner Linux Yes CVE-2026-23401 21094-17084 21094-17084 Important 21094-17084 8.4 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U 21094-17084 1.0 2026-04-02T01:01:28 <p>Information published.</p> 2.0 2026-04-03T01:39:03 <p>Information published.</p> Mariner mitre Yes CVE-2026-35388 Unprotected Alternate Channel 20608-17086 20632-17084 20608-17086 20632-17084 Low 20608-17086 Low 20632-17084 2.5 2.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U 20608-17086 2.5 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N 20632-17084 CBL-Mariner Releases 20632-17084 No Security Update 9.8p1-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20632-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:08 <p>Information published.</p> 2.0 2026-04-07T01:01:55 <p>Information published.</p> 3.0 2026-04-11T01:39:45 <p>Information published.</p> Mariner mitre Yes CVE-2026-35387 Always-Incorrect Control Flow Implementation 20632-17084 20608-17086 20632-17084 20608-17086 Low 20632-17084 Low 20608-17086 3.1 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 20632-17084 3.1 2.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U 20608-17086 1.0 2026-04-04T01:02:26 <p>Information published.</p> 2.0 2026-04-07T01:02:00 <p>Information published.</p> Mariner mitre Yes CVE-2026-35385 Improper Preservation of Permissions 20608-17086 20632-17084 20608-17086 20632-17084 Moderate 20608-17086 Important 20632-17084 7.5 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U 20608-17086 7.5 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 20632-17084 CBL-Mariner Releases 20632-17084 No Security Update 9.8p1-6 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20632-17084 CBL-Mariner Releases 1.0 2026-04-04T01:02:32 <p>Information published.</p> 3.0 2026-04-11T01:40:03 <p>Information published.</p> 2.0 2026-04-07T01:02:05 <p>Information published.</p> xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion Mariner GitHub_M Yes CVE-2026-34601 XML Injection (aka Blind XPath Injection) 19693-17084 19712-17086 19693-17084 19712-17086 Important 19693-17084 Important 19712-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 19693-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 19712-17086 1.0 2026-04-04T01:02:47 <p>Information published.</p> 2.0 2026-04-15T01:42:18 <p>Information published.</p> Mariner mitre Yes CVE-2026-35549 Memory Allocation with Excessive Size Value 21054-17084 21054-17084 Moderate 21054-17084 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21054-17084 1.0 2026-04-04T01:02:53 <p>Information published.</p> OpenPrinting CUPS: Heap overflow in `get_options()` Mariner GitHub_M Yes CVE-2026-34979 Heap-based Buffer Overflow 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 5.3 5.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P 20737-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20768-17086 1.0 2026-04-05T01:01:23 <p>Information published.</p> 3.0 2026-04-09T01:01:35 <p>Information published.</p> 2.0 2026-04-07T01:40:39 <p>Information published.</p> OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network Mariner GitHub_M Yes CVE-2026-34980 Improper Input Validation 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 1.0 2026-04-05T01:01:28 <p>Information published.</p> 2.0 2026-04-07T01:40:44 <p>Information published.</p> 3.0 2026-04-09T01:01:40 <p>Information published.</p> OpenPrinting CUPS: Local print admin token disclosure using temporary printers Mariner GitHub_M Yes CVE-2026-34990 Improper Authentication 20737-17084 20768-17086 20737-17084 20768-17086 Moderate 20737-17084 Moderate 20768-17086 1.0 2026-04-05T01:01:45 <p>Information published.</p> 2.0 2026-04-07T01:41:00 <p>Information published.</p> 3.0 2026-04-09T01:01:45 <p>Information published.</p> serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN Mariner Linux Yes CVE-2026-23472 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-05T01:01:55 <p>Information published.</p> 2.0 2026-04-07T01:41:10 <p>Information published.</p> wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure Mariner Linux Yes CVE-2026-23444 21094-17084 21094-17084 Moderate 21094-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U 21094-17084 1.0 2026-04-05T01:02:07 <p>Information published.</p> 2.0 2026-04-07T01:41:15 <p>Information published.</p> Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold Mariner Linux Yes CVE-2026-31408 21094-17084 21094-17084 Important 21094-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21094-17084 1.0 2026-04-07T01:01:28 <p>Information published.</p> Path traversal issue with zip.vim in Vim Mariner GitHub_M Yes CVE-2026-35177 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 21147-17084 21163-17086 21147-17084 21163-17086 Moderate 21147-17084 Moderate 21163-17086 4.1 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L 21147-17084 4.1 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L 21163-17086 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0315-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 1.0 2026-04-08T01:01:25 <p>Information published.</p> 2.0 2026-04-09T01:02:39 <p>Information published.</p> CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer Mariner GitHub_M Yes CVE-2026-39316 Use After Free 20737-17084 20768-17086 20737-17084 20768-17086 Low 20737-17084 Moderate 20768-17086 4.0 3.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U 20737-17084 4.0 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 20768-17086 1.0 2026-04-09T01:01:51 <p>Information published.</p> 2.0 2026-04-11T01:01:21 <p>Information published.</p> Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins Mariner redhat Yes CVE-2026-35093 Improper Control of Generation of Code ('Code Injection') 21169-17086 21170-17084 21169-17086 21170-17084 Important 21169-17086 Important 21170-17084 8.8 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 21169-17086 8.8 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 21170-17084 1.0 2026-04-09T01:02:29 <p>Information published.</p> 2.0 2026-04-15T01:42:54 <p>Information published.</p> ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. Mariner GitHub_M Yes CVE-2026-34445 Improper Input Validation 20972-17084 21103-17086 20972-17084 21103-17086 Important 20972-17084 Important 21103-17086 8.6 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 20972-17084 8.6 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 21103-17086 1.0 2026-04-09T01:02:56 <p>Information published.</p> Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read Mariner VulnCheck Yes CVE-2026-40026 Out-of-bounds Read 20112-17084 21193-17086 20112-17084 21193-17086 Moderate 20112-17084 Moderate 21193-17086 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 20112-17084 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 21193-17086 CBL-Mariner Releases 20112-17084 No Security Update 4.12.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20112-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:43 <p>Information published.</p> 3.0 2026-04-11T01:40:37 <p>Information published.</p> 2.0 2026-04-11T01:10:43 <p>Information published.</p> Sleuth Kit APFS Keybag Parser Out-of-Bounds Read Mariner VulnCheck Yes CVE-2026-40025 Out-of-bounds Read 20112-17084 21193-17086 20112-17084 21193-17086 Moderate 20112-17084 Moderate 21193-17086 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 20112-17084 4.4 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L 21193-17086 CBL-Mariner Releases 20112-17084 No Security Update 4.12.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20112-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:48 <p>Information published.</p> 2.0 2026-04-11T01:10:38 <p>Information published.</p> 3.0 2026-04-11T01:40:44 <p>Information published.</p> Sleuth Kit tsk_recover Path Traversal Mariner VulnCheck Yes CVE-2026-40024 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 20112-17084 21193-17086 20112-17084 21193-17086 Important 20112-17084 Important 21193-17086 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 20112-17084 7.1 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N 21193-17086 CBL-Mariner Releases 20112-17084 No Security Update 4.12.1-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20112-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:54 <p>Information published.</p> 2.0 2026-04-11T01:10:48 <p>Information published.</p> 3.0 2026-04-11T01:40:50 <p>Information published.</p> Vim Ex command injection in Vims NetBeans integration Mariner GitHub_M Yes CVE-2026-39881 Improper Control of Generation of Code ('Code Injection') 21147-17084 21163-17086 21147-17084 21163-17086 Moderate 21147-17084 Moderate 21163-17086 5.0 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N 21147-17084 5.0 4.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N/E:U 21163-17086 CBL-Mariner Releases 21147-17084 No Security Update 9.2.0323-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21147-17084 CBL-Mariner Releases 1.0 2026-04-10T01:01:59 <p>Information published.</p> 2.0 2026-04-11T01:10:54 <p>Information published.</p> 3.0 2026-04-11T01:40:57 <p>Information published.</p> apparmor: fix memory leak in verify_header Mariner Linux Yes CVE-2026-23403 21172-17084 21172-17084 Moderate 21172-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21172-17084 CBL-Mariner Releases 21172-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21172-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:07 <p>Information published.</p> apparmor: replace recursive profile removal with iterative approach Mariner Linux Yes CVE-2026-23404 21173-17084 21173-17084 Moderate 21173-17084 5.5 5.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:14 <p>Information published.</p> apparmor: fix side-effect bug in match_char() macro usage Mariner Linux Yes CVE-2026-23406 21173-17084 21173-17084 Important 21173-17084 7.8 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:27 <p>Information published.</p> apparmor: fix missing bounds check on DEFAULT table in verify_dfa() Mariner Linux Yes CVE-2026-23407 21173-17084 21173-17084 Important 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:33 <p>Information published.</p> apparmor: Fix double free of ns_name in aa_replace_profiles() Mariner Linux Yes CVE-2026-23408 21173-17084 21173-17084 Important 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:39 <p>Information published.</p> apparmor: fix differential encoding verification Mariner Linux Yes CVE-2026-23409 21173-17084 21173-17084 Moderate 21173-17084 7.1 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:45 <p>Information published.</p> apparmor: fix race on rawdata dereference Mariner Linux Yes CVE-2026-23410 21173-17084 21173-17084 Important 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:51 <p>Information published.</p> apparmor: fix race between freeing data and fs accessing it Mariner Linux Yes CVE-2026-23411 21173-17084 21173-17084 Important 21173-17084 7.8 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 21173-17084 CBL-Mariner Releases 21173-17084 No Security Update 6.6.130.1-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21173-17084 CBL-Mariner Releases 1.0 2026-04-10T01:02:58 <p>Information published.</p> Addressable has a Regular Expression Denial of Service in Addressable templates Mariner GitHub_M Yes CVE-2026-35611 Inefficient Regular Expression Complexity 21174-17084 21175-17086 21174-17084 21175-17086 Important 21174-17084 Important 21175-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21174-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21175-17086 CBL-Mariner Releases 21174-17084 No Security Update 2.9.0-1 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21174-17084 CBL-Mariner Releases 2.0 2026-04-15T01:43:25 <p>Information published.</p> 1.0 2026-04-11T01:01:39 <p>Information published.</p> Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo Mariner openssl Yes CVE-2026-28389 NULL Pointer Dereference 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 Moderate 21168-17084 Moderate 19805-17086 Moderate 21154-17084 Moderate 21176-17084 Moderate 21059-17084 Moderate 20963-17084 Moderate 21110-17084 Moderate 21123-17084 Moderate 21185-17086 Moderate 21192-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21168-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 19805-17086 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21154-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21176-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21059-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20963-17084 5.3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 21110-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21123-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21185-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21192-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 1.0 2026-04-11T01:02:05 <p>Information published.</p> 2.0 2026-04-12T01:02:02 <p>Information published.</p> 3.0 2026-04-13T14:40:14 <p>Information published.</p> 4.0 2026-04-14T14:45:31 <p>Information published.</p> 4.1 2026-04-15T01:44:54 <p>Information published.</p> Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo Mariner openssl Yes CVE-2026-28390 NULL Pointer Dereference 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 21168-17084 19805-17086 21154-17084 21176-17084 21059-17084 20963-17084 21110-17084 21123-17084 21185-17086 21192-17084 Moderate 21168-17084 Important 19805-17086 Important 21154-17084 Moderate 21176-17084 Moderate 21059-17084 Moderate 20963-17084 Important 21110-17084 Moderate 21123-17084 Moderate 21185-17086 Moderate 21192-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21168-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19805-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21154-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21176-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21059-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20963-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21110-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21123-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21185-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21192-17084 CBL-Mariner Releases 21168-17084 No Security Update 3.3.5-5 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21168-17084 CBL-Mariner Releases 4.0 2026-04-14T14:45:59 <p>Information published.</p> 5.0 2026-04-15T01:45:23 <p>Information published.</p> 1.0 2026-04-11T01:02:31 <p>Information published.</p> 2.0 2026-04-12T01:02:07 <p>Information published.</p> 3.0 2026-04-13T14:40:01 <p>Information published.</p> 3.1 2026-04-14T01:44:07 <p>Information published.</p> OpenTelemetry-Go OTLP HTTP exporters read unbounded HTTP response bodies Mariner GitHub_M Yes CVE-2026-39882 Memory Allocation with Excessive Size Value 21177-17084 20988-17084 20992-17084 20994-17084 21178-17086 21000-17086 21001-17086 21002-17086 20701-17086 21009-17086 21012-17084 21179-17084 21177-17084 20988-17084 20992-17084 20994-17084 21178-17086 21000-17086 21001-17086 21002-17086 20701-17086 21009-17086 21012-17084 21179-17084 Moderate 21177-17084 Moderate 20988-17084 Moderate 20992-17084 Moderate 20994-17084 Moderate 21178-17086 Moderate 21000-17086 Moderate 21001-17086 Moderate 21002-17086 Moderate 20701-17086 Moderate 21009-17086 Moderate 21012-17084 Moderate 21179-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21177-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20988-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20992-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20994-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21178-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21000-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21001-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21002-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20701-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21009-17086 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21012-17084 5.3 4.9 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21179-17084 1.0 2026-04-11T01:03:08 <p>Information published.</p> Unbounded allocation for old GNU sparse in archive/tar Mariner Go Yes CVE-2026-32288 21186-17086 21187-17086 20989-17084 20688-17086 18315-17084 20519-17086 20387-17086 20997-17084 21113-17084 19792-17086 20701-17086 21116-17084 21117-17086 17793-17084 19712-17086 21179-17084 19693-17084 21188-17086 19668-17086 21189-17084 21021-17084 21203-17084 21206-17084 21186-17086 21187-17086 20989-17084 20688-17086 18315-17084 20519-17086 20387-17086 20997-17084 21113-17084 19792-17086 20701-17086 21116-17084 21117-17086 17793-17084 19712-17086 21179-17084 19693-17084 21188-17086 19668-17086 21189-17084 21021-17084 21203-17084 21206-17084 Moderate 21186-17086 Moderate 21187-17086 Moderate 20989-17084 Moderate 20688-17086 Moderate 18315-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 20997-17084 Moderate 21113-17084 Important 19792-17086 Moderate 20701-17086 Moderate 21116-17084 Moderate 21117-17086 Important 17793-17084 Important 19712-17086 Moderate 21179-17084 Important 19693-17084 Moderate 21188-17086 Important 19668-17086 Moderate 21189-17084 Important 21021-17084 Moderate 21203-17084 Moderate 21206-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21186-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21187-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20989-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20688-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 18315-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20519-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20387-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20997-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21113-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 20701-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21116-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21117-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21179-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21188-17086 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21189-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21203-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 21206-17084 3.0 2026-04-15T01:46:07 <p>Information published.</p> 1.0 2026-04-11T01:06:16 <p>Information published.</p> 2.0 2026-04-14T14:46:32 <p>Information published.</p> Inefficient policy validation in crypto/x509 Mariner Go Yes CVE-2026-32281 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Moderate 20688-17086 Moderate 20519-17086 Moderate 18315-17084 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Important 19712-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Moderate 21203-17084 Moderate 21206-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20688-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20519-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 18315-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20387-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21113-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21116-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21117-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21203-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21206-17084 3.0 2026-04-15T01:46:32 <p>Information published.</p> 1.0 2026-04-11T01:06:47 <p>Information published.</p> 2.0 2026-04-14T14:47:11 <p>Information published.</p> JsBraceDepth Context Tracking Bugs (XSS) in html/template Mariner Go Yes CVE-2026-32289 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Moderate 20688-17086 Moderate 18315-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Moderate 19712-17086 Moderate 19693-17084 Moderate 19668-17086 Moderate 21021-17084 Moderate 21203-17084 Moderate 21206-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 20688-17086 6.1 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 18315-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 20519-17086 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 20387-17086 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21113-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21116-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21117-17086 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21203-17084 6.1 5.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U 21206-17084 1.0 2026-04-11T01:07:20 <p>Information published.</p> 2.0 2026-04-14T14:46:40 <p>Information published.</p> Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls Mariner Go Yes CVE-2026-32283 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 18315-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Moderate 20688-17086 Moderate 18315-17084 Moderate 20519-17086 Moderate 20387-17086 Moderate 21113-17084 Moderate 21116-17084 Moderate 21117-17086 Important 19712-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Moderate 21203-17084 Moderate 21206-17084 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20688-17086 5.9 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 18315-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20519-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 20387-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21113-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21116-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21117-17086 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21203-17084 7.5 6.9 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U 21206-17084 3.0 2026-04-15T01:47:16 <p>Information published.</p> 1.0 2026-04-11T01:07:52 <p>Information published.</p> 2.0 2026-04-14T14:46:48 <p>Information published.</p> Unexpected work during chain building in crypto/x509 Mariner Go Yes CVE-2026-32280 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20688-17086 20519-17086 18315-17084 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Important 20688-17086 Important 20519-17086 Important 18315-17084 Important 20387-17086 Important 21113-17084 Important 21116-17084 Important 21117-17086 Important 19712-17086 Important 19693-17084 Important 19668-17086 Important 21021-17084 Important 21203-17084 Important 21206-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20688-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20519-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 18315-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 20387-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21113-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21116-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21117-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19712-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19693-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 19668-17086 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21021-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21203-17084 7.5 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 21206-17084 3.0 2026-04-15T01:47:43 <p>Information published.</p> 1.0 2026-04-11T01:08:24 <p>Information published.</p> 2.0 2026-04-14T14:46:55 <p>Information published.</p> Missing bound checks can lead to memory corruption in safe Go in cmd/compile Mariner Go Yes CVE-2026-27143 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 Critical 20519-17086 Critical 20387-17086 Critical 21113-17084 Critical 21116-17084 Critical 21117-17086 Critical 19712-17086 Critical 19693-17084 Critical 19668-17086 Critical 21021-17084 Critical 21203-17084 Critical 21206-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20519-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20387-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21113-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21116-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21117-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21203-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 21206-17084 1.0 2026-04-11T01:09:42 <p>Information published.</p> 2.0 2026-04-14T14:47:19 <p>Information published.</p> 3.0 2026-04-15T01:48:42 <p>Information published.</p> Code execution vulnerability in SWIG code generation in cmd/go Mariner Go Yes CVE-2026-27140 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 21206-17084 20519-17086 20387-17086 21113-17084 21116-17084 21117-17086 19712-17086 19693-17084 19668-17086 21021-17084 21203-17084 Critical 21206-17084 Critical 20519-17086 Critical 20387-17086 Critical 21113-17084 Critical 21116-17084 Critical 21117-17086 Critical 19712-17086 Critical 19693-17084 Critical 19668-17086 Critical 21021-17084 Critical 21203-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21206-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 20519-17086 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 20387-17086 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21113-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21116-17084 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21117-17086 9.8 9.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U 21203-17084 1.0 2026-04-11T01:10:08 <p>Information published.</p> 2.0 2026-04-14T14:47:03 <p>Information published.</p> 3.0 2026-04-15T01:49:03 <p>Information published.</p> Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass Mariner apache Yes CVE-2026-34477 Improper Validation of Certificate with Host Mismatch 21194-17084 21194-17084 Moderate 21194-17084 1.0 2026-04-13T01:09:45 <p>Information published.</p> 2.0 2026-04-13T14:41:08 <p>Information published.</p> Mariner mitre Yes CVE-2026-40386 Integer Underflow (Wrap or Wraparound) 21198-17084 21131-17086 21198-17084 21131-17086 Moderate 21198-17084 Moderate 21131-17086 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21198-17084 4.0 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L 21131-17086 CBL-Mariner Releases 21198-17084 21131-17086 No Security Update 0.6.24-3 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21198-17084 21131-17086 CBL-Mariner Releases 1.0 2026-04-14T01:01:20 <p>Information published.</p> 4.0 2026-04-15T14:45:23 <p>Information published.</p> 2.0 2026-04-14T14:48:00 <p>Information published.</p> 3.0 2026-04-15T01:01:34 <p>Information published.</p> net/x25: Fix overflow when accumulating packets Mariner Linux Yes CVE-2026-31417 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 1.0 2026-04-14T01:01:54 <p>Information published.</p> net/sched: cls_flow: fix NULL pointer dereference on shared blocks Mariner Linux Yes CVE-2026-31422 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-14T01:01:59 <p>Information published.</p> netfilter: nf_conntrack_expect: use expect->helper Mariner Linux Yes CVE-2026-31414 21094-17084 21094-17084 Important 21094-17084 8.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 21094-17084 1.0 2026-04-14T01:02:05 <p>Information published.</p> ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() Mariner Linux Yes CVE-2026-31426 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-14T01:02:16 <p>Information published.</p> bridge: mrp: reject zero test interval to avoid OOM panic Mariner Linux Yes CVE-2026-31420 21094-17084 21094-17084 Moderate 21094-17084 5.5 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 21094-17084 1.0 2026-04-14T01:02:27 <p>Information published.</p> OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS Mariner wolfSSL Yes CVE-2026-5393 Out-of-bounds Read 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:02:08 <p>Information published.</p> Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass Mariner wolfSSL Yes CVE-2026-5500 Improper Input Validation 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:02:16 <p>Information published.</p> PKCS7 CBC Padding Oracle — Plaintext Recovery Mariner wolfSSL Yes CVE-2026-5504 Improper Validation of Integrity Check Value 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:02:25 <p>Information published.</p> Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates Mariner wolfSSL Yes CVE-2026-5501 Improper Certificate Validation 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:02:42 <p>Information published.</p> Session Cache Restore — Arbitrary Free via Deserialized Pointer Mariner wolfSSL Yes CVE-2026-5507 Deserialization of Untrusted Data 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:02:51 <p>Information published.</p> Prefix-substitution forgery via integer overflow in wolfCrypt CMAC Mariner wolfSSL Yes CVE-2026-5477 Integer Overflow or Wraparound 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:03:08 <p>Information published.</p> wolfSSL EVP ChaCha20-Poly1305 AEAD authentication tag Mariner wolfSSL Yes CVE-2026-5479 Improper Validation of Integrity Check Value 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:03:16 <p>Information published.</p> out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName Mariner wolfSSL Yes CVE-2026-5503 Out-of-bounds Write 21054-17084 21143-17086 21054-17084 21143-17086 Moderate 21054-17084 Moderate 21143-17086 1.0 2026-04-15T01:03:24 <p>Information published.</p> Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID Mariner wolfSSL Yes CVE-2026-5295 Stack-based Buffer Overflow 21143-17086 21054-17084 21143-17086 21054-17084 Moderate 21143-17086 Moderate 21054-17084 1.0 2026-04-15T01:03:41 <p>Information published.</p> Integer underflow in X.509 SAN parsing in wolfSSL Mariner wolfSSL Yes CVE-2026-5188 Integer Underflow (Wrap or Wraparound) 21054-17084 21143-17086 21054-17084 21143-17086 Low 21054-17084 Low 21143-17086 1.0 2026-04-15T01:03:50 <p>Information published.</p> Heap buffer overflow in CertFromX509() via AuthorityKeyIdentifier Mariner wolfSSL Yes CVE-2026-5447 Heap-based Buffer Overflow 21054-17084 21143-17086 21054-17084 21143-17086 Moderate 21054-17084 Moderate 21143-17086 1.0 2026-04-15T01:04:06 <p>Information published.</p> MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation Mariner wolfSSL Yes CVE-2026-5772 Buffer Over-read 21054-17084 21143-17086 21054-17084 21143-17086 Low 21054-17084 Low 21143-17086 1.0 2026-04-15T01:04:15 <p>Information published.</p> URI nameConstraints not enforced in ConfirmNameConstraints() Mariner wolfSSL Yes CVE-2026-5263 Improper Certificate Validation 21143-17086 21054-17084 21143-17086 21054-17084 Important 21143-17086 Important 21054-17084 1.0 2026-04-15T01:04:31 <p>Information published.</p> wolfSSL heap OOB read in PKCS7 SignedData streaming Mariner wolfSSL Yes CVE-2026-5392 Out-of-bounds Read 21143-17086 21054-17084 21143-17086 21054-17084 Low 21143-17086 Low 21054-17084 1.0 2026-04-15T01:04:39 <p>Information published.</p> HTTP client proxy tunnel headers not validated for CR/LF Mariner PSF Yes CVE-2026-1502 20937-17086 21021-17084 21100-17084 20937-17086 21021-17084 21100-17084 Moderate 20937-17086 Moderate 21021-17084 Moderate 21100-17084 1.0 2026-04-15T01:04:59 <p>Information published.</p> Discount has an Out-of-bounds Read in rdiscount Mariner GitHub_M Yes CVE-2026-35201 Out-of-bounds Read 21089-17086 21088-17084 21089-17086 21088-17084 Moderate 21089-17086 Moderate 21088-17084 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21089-17086 5.9 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 21088-17084 CBL-Mariner Releases 21089-17086 No Security Update 2.2.0.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 21089-17086 CBL-Mariner Releases 1.0 2026-04-15T01:05:07 <p>Information published.</p> 2.0 2026-04-15T14:46:03 <p>Information published.</p> Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout Mariner apache Yes CVE-2026-34481 Improper Encoding or Escaping of Output 21194-17084 21194-17084 Moderate 21194-17084 1.0 2026-04-15T01:05:12 <p>Information published.</p> Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters Mariner apache Yes CVE-2026-34479 Improper Encoding or Escaping of Output 21194-17084 21194-17084 Moderate 21194-17084 1.0 2026-04-15T01:05:18 <p>Information published.</p> Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters Mariner apache Yes CVE-2026-34480 Improper Encoding or Escaping of Output 21194-17084 21194-17084 Moderate 21194-17084 1.0 2026-04-15T01:05:23 <p>Information published.</p> Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain Mariner GitHub_M Yes CVE-2026-40175 Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') 19693-17084 19693-17084 Critical 19693-17084 10.0 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 19693-17084 1.0 2026-04-15T01:05:29 <p>Information published.</p> Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF Mariner GitHub_M Yes CVE-2025-62718 Unintended Proxy or Intermediary ('Confused Deputy') 19693-17084 19693-17084 Critical 19693-17084 1.0 2026-04-15T01:05:34 <p>Information published.</p> Windows Management Services Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Management Services Microsoft Yes CVE-2026-20930 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix <p>Missing cryptographic step in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass Secure Boot.</p> <p><strong>Why is this vulnerability being published under a MITRE CVE rather than a Microsoft‑assigned CVE?</strong></p> <p>The vulnerability exists in third‑party firmware rather than Microsoft‑developed code. Although Windows is affected, the CVE is issued by MITRE in accordance with standard disclosure practices while Microsoft provides mitigations to help protect customers.</p> Windows Secure Boot MITRE Yes CVE-2026-25250 Missing Cryptographic Step 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20854 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20853 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11568 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11569 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11929 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11930 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11931 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12097 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12098 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12099 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20437 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20438 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12242 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12243 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12389 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12390 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10852 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10853 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10378 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10379 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10483 6.0 5.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 L&#233;o Muff Stas Lyakhov with <a href="https://eclypsium.com/">Eclypsium</a> Mickey Shkatov with <a href="https://eclypsium.com/">Eclypsium</a> Stas Lyakhov with <a href="https://eclypsium.com/">Eclypsium</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability <p>Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could disclose the contents of the Model Context Protocol (MCP) when using Copilot.</p> GitHub Copilot and Visual Studio Code Microsoft Yes CVE-2026-23653 Improper Neutralization of Special Elements used in a Command ('Command Injection') 16782 Information Disclosure 16782 Important 16782 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.7 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 16782 Release Notes https://code.visualstudio.com/Download 16782 Maybe Security Update 0.37.3 https://github.com/microsoft/vscode/ 16782 Release Notes Jose Rodrigo Sanchez Vicarte with Microsoft Jose Rodrigo Sanchez Vicarte with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Applocker Filter Driver (applockerfltr.sys) Microsoft Yes CVE-2026-25184 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/dark_puzzle">Souhail Hammou</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft SharePoint Server Spoofing Vulnerability <p>Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?</strong></p> <p>This means an authenticated user can upload malicious content, but exploitation only occurs if they convince another user to visit or interact with that content.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> <p><strong>There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?</strong></p> <p>Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.</p> Microsoft Office SharePoint Microsoft Yes CVE-2026-20945 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 10950 11585 11961 Spoofing 10950 Spoofing 11585 Spoofing 11961 Important 10950 Important 11585 Important 11961 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 10950 4.6 4.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 11585 4.6 4.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 11961 5002861 https://www.microsoft.com/en-us/download/details.aspx?id=108611 5002850 10950 Maybe Security Update 16.0.5548.1003 https://support.microsoft.com/help/5002861 10950 5002861 5002862 https://www.microsoft.com/en-us/download/details.aspx?id=108604 5002851 10950 Maybe Security Update 16.0.5548.1003 https://support.microsoft.com/help/5002862 10950 5002862 5002854 https://www.microsoft.com/en-us/download/details.aspx?id=108608 5002845 11585 Maybe Security Update 16.0.10417.20114 https://support.microsoft.com/help/5002854 11585 5002854 5002856 https://www.microsoft.com/en-us/download/details.aspx?id=108605 5002847 11585 Maybe Security Update 16.0.10417.20114 https://support.microsoft.com/help/5002856 11585 5002856 5002853 https://www.microsoft.com/en-us/download/details.aspx?id=108607 5002843 11961 Maybe Security Update 16.0.19725.20210 https://support.microsoft.com/help/5002853 11961 5002853 Felix B. 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability <p>Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass the Virtualization‑Based Security (VBS) feature, specifically the Virtual Secure Mode (VSM) isolation between Virtual Trust Level 0 (VTL0) and Virtual Trust Level 1 (VTL1). This could allow a compromised Windows kernel to modify memory belonging to the secure kernel, breaking the intended isolation guarantees provided by VBS.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.</p> Windows Virtualization-Based Security (VBS) Enclave Microsoft Yes CVE-2026-23670 Untrusted Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20854 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20853 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11568 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11569 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11929 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11930 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11931 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12097 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12098 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12099 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20437 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20438 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12242 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12243 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12389 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12390 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10852 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10853 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 5.7 5.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Sam Collins, University of Birmingham in collaboration with Prof Tom Chothia and Dr Marius Muench 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Power Apps Security Feature Bypass <p>Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a network.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R) and privileges required are Low (PR:L). What does that mean for this vulnerability?</strong></p> <p>A user must interact with a malicious Power Apps canvas app, such as by opening or using it. Additionally, an attacker only needs basic capabilities to create or share a Power App; they do not need administrative access.</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>The vulnerability could bypass the security warning dialog that is meant to clearly inform users when an app is attempting to open an external protocol. Because whitespace in the URI causes the dialog to truncate important information, users may not see the true destination or risk.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could create a malicious Power Apps canvas app that includes an external protocol link disguised with leading whitespace. When a user opens the app, the resulting warning dialog may appear incomplete or misleading. If the user proceeds, the app could trigger an external protocol call that performs unintended actions on the user’s device.</p> Microsoft Power Apps Microsoft Yes CVE-2026-26149 Improper Neutralization of Escape, Meta, or Control Sequences 12186 Security Feature Bypass 12186 Important 12186 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 9.0 7.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C 12186 Release Notes https://apps.microsoft.com/detail/9mvc8p1q3b29?hl=en-US&gl=US 12186 Maybe Security Update 3.26032.10.0 https://apps.microsoft.com/detail/9mvc8p1q3b29?hl=en-US&gl=US 12186 Release Notes <a href="https://www.linkedin.com/in/alasdair-gorniak/">Alasdair Gorniak</a> with <a href="https://delta.cyberm.ca/">Delta Obscura</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Spoofing Vulnerability <p>Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could view sensitive information, (Confidentiality), and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.</p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the vulnerability.</p> <p>In any case an attacker would have no way to force a user to view attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could entice a user to either click a link that directs the user to the attacker's site or send a malicious attachment.</p> <p><strong>Where can I finder more information about this update</strong></p> <p>Starting with the April 2026 security update, the Remote Desktop Connection app shows new security warnings when you open RDP files. This article explains what these warnings mean and how to respond to them safely: <a href="https://go.microsoft.com/fwlink/?linkid=2347342">https://go.microsoft.com/fwlink/?linkid=2347342</a></p> Windows Remote Desktop Microsoft Yes CVE-2026-26151 Insufficient UI Warning of Dangerous Operations 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Spoofing 20854 Spoofing 20853 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20854 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20853 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11568 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11569 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11571 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11572 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11923 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11924 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11929 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11930 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11931 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12097 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12098 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12099 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12437 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20437 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20438 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12242 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12243 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12244 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12389 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12390 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12436 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10852 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10853 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10816 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10855 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10378 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10379 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10483 7.1 6.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 The UK's National Cyber Security Centre (NCSC) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Server Update Service (WSUS) Tampering Vulnerability <p>Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of availability (A:H). What does that mean for this vulnerability?</strong></p> <p>An attacker can send specially crafted packets which could affect availability of the service and result in Denial of Service (DoS).</p> Windows Server Update Service Microsoft Yes CVE-2026-26154 Improper Input Validation 11571 11572 11923 11924 12437 12244 12436 10816 10855 10378 10379 10483 10543 Tampering 11571 Tampering 11572 Tampering 11923 Tampering 11924 Tampering 12437 Tampering 12244 Tampering 12436 Tampering 10816 Tampering 10855 Tampering 10378 Tampering 10379 Tampering 10483 Tampering 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 f7d8c52bec79e42795cf15888b85cbad 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.</p> Windows Local Security Authority Subsystem Service (LSASS) Microsoft Yes CVE-2026-26155 Buffer Over-read 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Howard McGreehan with MSRC V&M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Licensing Service Elevation of Privilege Vulnerability <p>Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Remote Desktop Licensing Service Microsoft Yes CVE-2026-26160 Missing Authentication for Critical Function 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Howard McGreehan with MSRC V&M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Sensor Data Service Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Sensor Data Service Microsoft Yes CVE-2026-26161 Untrusted Pointer Dereference Improper Input Validation 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/arudd1ck">Andrew Ruddick</a> with Microsoft Red Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows OLE Elevation of Privilege Vulnerability <p>Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows OLE Microsoft Yes CVE-2026-26162 Access of Resource Using Incompatible Type ('Type Confusion') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Hart Wilson with <a href="https://www.microsoft.com/">Microsoft</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Elevation of Privilege Vulnerability <p>Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Shell Microsoft Yes CVE-2026-26165 Use After Free 20854 20853 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Elevation of Privilege Vulnerability <p>Double free in Windows Shell allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Shell Microsoft Yes CVE-2026-26166 Double Free 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows Push Notifications Microsoft Yes CVE-2026-26167 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 <a href="https://x.com/h4urek">h4urek</a> with <a href="https://secsys.fudan.edu.cn/">secsys lab</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that the target system be set up in a specific manner and the attacker to have knowledge of that setup.</p> Windows Server Update Service Microsoft Yes CVE-2026-26174 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Boot Manager Security Feature Bypass Vulnerability <p>Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass Secure Boot.</p> Windows Boot Manager Microsoft Yes CVE-2026-26175 Use of Uninitialized Resource 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Maxim Suhanov with CICADA8 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Kernel Microsoft Yes CVE-2026-26179 Double Free 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 fastfail working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Kernel Microsoft Yes CVE-2026-26180 Heap-based Buffer Overflow 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Jason Lin 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Brokering File System Elevation of Privilege Vulnerability <p>Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft Brokering File System Microsoft Yes CVE-2026-26181 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 hazard 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability <p>Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows RPC API Microsoft Yes CVE-2026-26183 Improper Access Control 11571 11572 11923 11924 12437 12244 12436 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 12244 Elevation of Privilege 12436 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/ecthr0s">George Hughey</a> with MSRC Vulnerabilities &amp; Mitigations 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hello Security Feature Bypass Vulnerability <p>Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>This vulnerability could allow an attacker with administrative control of the operating system to bypass protection mechanisms that rely on trusted, non‑rollback TPM counters. Specifically, it could undermine Windows Hello’s safeguards that prevent reuse of pre‑generated authentication keys and Recall’s protections against loading older, potentially tampered‑with settings.</p> Windows Hello Microsoft Yes CVE-2026-27906 Improper Input Validation 11929 11930 11931 12097 12098 12099 20437 20438 12242 12243 12389 12390 20854 20853 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 20854 Security Feature Bypass 20853 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12389 Important 12390 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Nate Jones with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Storage Spaces Controller Elevation of Privilege Vulnerability <p>Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Storage Spaces Controller Microsoft Yes CVE-2026-27907 Integer Underflow (Wrap or Wraparound) 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Kang Minchae with Best of Best 14th Team JUSTWIN (Kim Dowon, Kang Minju, Kim Donggeon, Wi Siyeon, Yoon Junghyun) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability <p>Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows TDI Translation Driver (tdx.sys) Microsoft Yes CVE-2026-27908 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploits this vulnerability could gain access to a limited set of administrator-protected objects.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27915 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability <p>Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Microsoft Yes CVE-2026-27917 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Shell Microsoft Yes CVE-2026-27918 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 [h4urek](https://x.com/h4urek) with [secsys lab](https://security.fudan.edu.cn/) [h4urek](https://x.com/h4urek) with [secsys lab](https://security.fudan.edu.cn/) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27919 Untrusted Pointer Dereference 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows TCP/IP Microsoft Yes CVE-2026-27921 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-27924 Use After Free 11923 11924 11929 11930 11931 12097 12098 12099 12242 12243 12244 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12242 Important 12243 Important 12244 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 Varun Goel 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Cloud Files Mini Filter Driver Microsoft Yes CVE-2026-27926 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11572 11569 11568 11571 11924 11923 11929 11930 11931 12097 12098 12437 12099 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11572 Elevation of Privilege 11569 Elevation of Privilege 11568 Elevation of Privilege 11571 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11572 Important 11569 Important 11568 Important 11571 Important 11924 Important 11923 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12437 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11572 11569 11568 11571 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11572 11569 11568 11571 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-27927 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11924 11923 11568 11929 11930 11569 11931 12097 11572 11571 12098 12099 12437 20437 12243 20438 12242 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11568 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11569 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 11572 Elevation of Privilege 11571 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 12243 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11924 Important 11923 Important 11568 Important 11929 Important 11930 Important 11569 Important 11931 Important 12097 Important 11572 Important 11571 Important 12098 Important 12099 Important 12437 Important 20437 Important 12243 Important 20438 Important 12242 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11572 11571 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11572 11571 5082123 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12243 12242 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12243 12242 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability <p>Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows LUAFV Microsoft Yes CVE-2026-27929 Time-of-check Time-of-use (TOCTOU) Race Condition 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/dark_puzzle">Souhail Hammou</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows GDI Information Disclosure Vulnerability <p>Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>This vulnerability may allow an attacker to access small portions of memory from the affected application when it processes a specially crafted Enhanced Metafile (EMF). This issue is an out‑of‑bounds read, any disclosure would be limited to whatever data happens to reside in adjacent memory at the time.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>The user would have to open or preview content that contains the malicious Enhanced Metafile (EMF).</p> Windows GDI Microsoft Yes CVE-2026-27931 Out-of-bounds Read 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 20854 Information Disclosure 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 xina1i@psbc 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability <p>Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.</p> Windows Local Security Authority Subsystem Service (LSASS) Microsoft Yes CVE-2026-32071 NULL Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Denial of Service 20854 Denial of Service 20853 Denial of Service 11568 Denial of Service 11569 Denial of Service 11571 Denial of Service 11572 Denial of Service 11923 Denial of Service 11924 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 12097 Denial of Service 12098 Denial of Service 12099 Denial of Service 12437 Denial of Service 20437 Denial of Service 20438 Denial of Service 12242 Denial of Service 12243 Denial of Service 12244 Denial of Service 12389 Denial of Service 12390 Denial of Service 12436 Denial of Service 10852 Denial of Service 10853 Denial of Service 10816 Denial of Service 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11571 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11572 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12097 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12098 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12099 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20438 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12242 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12243 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12389 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12390 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10816 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Howard McGreehan with MSRC V&amp;M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-32073 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>A high attack complexity means that successful exploitation is complex and time‑consuming, requiring significant effort and precise conditions for an attacker to reliably exploit the vulnerability.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-32075 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Package Catalog Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained (&quot;sandboxed&quot;) execution environment.</p> <p>Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows File Explorer Microsoft Yes CVE-2026-32081 Exposure of Sensitive Information to an Unauthorized Actor 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows SSDP Service Microsoft Yes CVE-2026-32082 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows SSDP Service Microsoft Yes CVE-2026-32083 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Procedure Call Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.</p> Windows Remote Procedure Call Microsoft Yes CVE-2026-32085 Exposure of Sensitive Information to an Unauthorized Actor 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32087 Heap-based Buffer Overflow 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Speech Brokered Api Elevation of Privilege Vulnerability <p>Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Speech Brokered Api Microsoft Yes CVE-2026-32089 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Speech Brokered Api Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Speech Brokered Api Microsoft Yes CVE-2026-32090 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32093 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Time-of-check Time-of-use (TOCTOU) Race Condition Heap-based Buffer Overflow 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-32152 Use After Free 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-32154 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Remote Code Execution Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-32156 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Remote Code Execution 20854 Remote Code Execution 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.4 6.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Client Remote Code Execution Vulnerability <p>Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.</p> <p><strong>According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?</strong></p> <p>This attack requires an authorized user on the client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with a vulnerable Remote Desktop Client.</p> Remote Desktop Client Microsoft Yes CVE-2026-32157 Use After Free 20854 20853 12457 11568 11569 11571 11572 11849 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 12457 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11849 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Critical 20854 Critical 20853 Critical 12457 Critical 11568 Critical 11569 Critical 11571 Critical 11572 Critical 11849 Critical 11923 Critical 11924 Critical 11929 Critical 11930 Critical 11931 Critical 12097 Critical 12098 Critical 12099 Critical 12437 Critical 20437 Critical 20438 Critical 12242 Critical 12243 Critical 12244 Critical 12389 Critical 12390 Critical 12436 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Critical 10378 Critical 10379 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12457 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11849 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Release Notes https://learn.microsoft.com/en-us/windows-app/whats-new?toc=admins%2Ftoc.json&tabs=windows 12457 11849 Maybe Security Update 2.0.1070.0 https://learn.microsoft.com/en-us/windows-app/whats-new?toc=admins%2Ftoc.json&tabs=windows 12457 11849 Release Notes 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 pwn2addr 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Push Notifications Microsoft Yes CVE-2026-32158 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Yun Cong with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.</p> Windows Push Notifications Microsoft Yes CVE-2026-32159 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Yun Cong with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.</p> Windows Push Notifications Microsoft Yes CVE-2026-32160 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Yun Cong with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> UEFI Secure Boot Security Feature Bypass Vulnerability <p>Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>The authentication feature could be bypassed as this vulnerability allows impersonation.</p> Windows Boot Loader Microsoft Yes CVE-2026-0390 Reliance on Untrusted Inputs in a Security Decision 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 10852 10853 10816 10855 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 <a href="https://x.com/alon_leviev">Alon Leviev</a> with Microsoft (STORM) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> Windows User Interface Core Microsoft Yes CVE-2026-32165 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> SQL Server Elevation of Privilege Vulnerability <p>Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SQL sysadmin privileges.</p> <p><strong>I am running SQL Server on my system. What action do I need to take?</strong></p> <p>Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.</p> <p><strong>There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?</strong></p> <ul> <li>First, determine your SQL Server version number. For more information on determining your SQL Server version number, see <a href="https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates">Microsoft Knowledge Base Article 321185</a> - How to determine the version, edition, and update level of SQL Server and its components.</li> <li>Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.</li> </ul> <p><strong>Note</strong> If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.</p> <table> <thead> <tr> <th>Update Number</th> <th>Title</th> <th>Version</th> <th>Apply if current product version is…</th> <th>This security update also includes servicing releases up through…</th> </tr> </thead> <tbody> <tr> <td><strong>5083245</strong></td> <td>Security update for SQL Server 2025 CU3+GDR</td> <td>17.0.4030.1</td> <td>17.0.4006.2 - 17.0.4025.3</td> <td>KB5077896 - Previous SQL2025 RTM CU3</td> </tr> <tr> <td><strong>5084814</strong></td> <td>Security update for SQL Server 2025 RTM+GDR</td> <td>17.0.1110.1</td> <td>17.0.1000.7 - 17.0.1105.2</td> <td>KB5077468 - Previous SQL2025 RTM GDR</td> </tr> <tr> <td><strong>5083252</strong></td> <td>Security update for SQL Server 2022 CU24+GDR</td> <td>16.0.4250.1</td> <td>16.0.4003.1 - 16.0.4245.2</td> <td>KB5080999 - Previous SQL2022 RTM CU24</td> </tr> <tr> <td><strong>5084815</strong></td> <td>Security update for SQL Server 2022 RTM+GDR</td> <td>16.0.1175.1</td> <td>16.0.1000.6 - 16.0.1170.5</td> <td>KB5077465 - Previous SQL2022 RTM GDR</td> </tr> <tr> <td><strong>5084816</strong></td> <td>Security update for SQL Server 2019 CU32+GDR</td> <td>15.0.4465.1</td> <td>15.0.4003.23 - 15.0.4460.4</td> <td>KB 5077469 - Previous SQL2019 RTM CU32 GDR</td> </tr> <tr> <td><strong>5084817</strong></td> <td>Security update for SQL Server 2019 RTM+GDR</td> <td>15.0.2165.1</td> <td>15.0.2000.5 - 15.0.2160.4</td> <td>KB 5077470 - Previous SQL2019 RTM GDR</td> </tr> <tr> <td><strong>5084818</strong></td> <td>Security update for SQL Server 2017 CU31+GDR</td> <td>14.0.3525.1</td> <td>14.0.3006.16 - 14.0.3520.4</td> <td>KB 5077471 - Previous SQL2017 RTM CU31 GDR</td> </tr> <tr> <td><strong>5084819</strong></td> <td>Security update for SQL Server 2017 RTM+GDR</td> <td>14.0.2105.1</td> <td>14.0.1000.169 - 14.0.2100.4</td> <td>KB 5077472 - Previous SQL2017 RTM GDR</td> </tr> <tr> <td><strong>5084820</strong></td> <td>Security update for SQL Server 2016 Azure Connect Feature Pack+GDR</td> <td>13.0.7080.1</td> <td>13.0.7000.253 - 13.0.7075.5</td> <td>KB 5077473 - Previous SQL2016 Azure Connect Feature Pack GDR</td> </tr> <tr> <td><strong>5084821</strong></td> <td>Security update for SQL Server 2016 SP3+GDR</td> <td>13.0.6485.1</td> <td>13.0.6300.2 - 13.0.6480.4</td> <td>KB 5077474 - Previous SQL2016 RTM GDR</td> </tr> </tbody> </table> <p><strong>What are the GDR and CU update designations and how do they differ?</strong></p> <p>The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.</p> <ul> <li>GDR updates – cumulatively only contain security updates for the given baseline.</li> <li>CU updates – cumulatively contain all functional fixes and security updates for the given baseline.</li> </ul> <p>For any given baseline, either the GDR or CU updates could be options (see below).</p> <ul> <li>If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.</li> <li>If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.</li> <li>If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.</li> </ul> <p><strong>Note:</strong> You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.</p> <p><strong>Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?</strong></p> <p>Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.</p> SQL Server Microsoft Yes CVE-2026-32167 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 21090 21091 11478 11821 12048 12053 12147 12145 20748 16785 Elevation of Privilege 21090 Elevation of Privilege 21091 Elevation of Privilege 11478 Elevation of Privilege 11821 Elevation of Privilege 12048 Elevation of Privilege 12053 Elevation of Privilege 12147 Elevation of Privilege 12145 Elevation of Privilege 20748 Elevation of Privilege 16785 Important 21090 Important 21091 Important 11478 Important 11821 Important 12048 Important 12053 Important 12147 Important 12145 Important 20748 Important 16785 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21090 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21091 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11478 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11821 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12048 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12053 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12147 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12145 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20748 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16785 5083245 https://www.microsoft.com/en-us/download/details.aspx?id=108618 21090 Maybe Security Update 17.0.4030.1 https://support.microsoft.com/help/5083245 21090 5083245 5083252 https://www.microsoft.com/en-us/download/details.aspx?id=108620 21091 Maybe Security Update 16.0.4250.1 https://support.microsoft.com/help/5083252 21091 5083252 5084819 https://www.microsoft.com/en-us/download/details.aspx?id=108621 11478 Maybe Security Update 14.0.2105.1 https://support.microsoft.com/help/5084819 11478 5084819 5084817 https://www.microsoft.com/en-us/download/details.aspx?id=108619 11821 Maybe Security Update 15.0.2165.1 https://support.microsoft.com/help/5084817 11821 5084817 5084821 https://www.microsoft.com/en-us/download/details.aspx?id=108617 12048 Maybe Security Update 13.0.6485.1 https://support.microsoft.com/help/5084821 12048 5084821 5084820 https://www.microsoft.com/en-us/download/details.aspx?id=108624 12053 Maybe Security Update 13.0.7080.1 https://support.microsoft.com/help/5084820 12053 5084820 5084815 https://www.microsoft.com/en-us/download/details.aspx?id=108622 12147 Maybe Security Update 16.0.1175.1 https://support.microsoft.com/help/5084815 12147 5084815 5084818 https://www.microsoft.com/en-us/download/details.aspx?id=108623 12145 Maybe Security Update 14.0.3525.1 https://support.microsoft.com/help/5084818 12145 5084818 5084814 https://www.microsoft.com/en-us/download/details.aspx?id=108625 20748 Maybe Security Update 17.0.1110.1 https://support.microsoft.com/help/5084814 20748 5084814 5084816 https://www.microsoft.com/en-us/download/details.aspx?id=108626 16785 Maybe Security Update 15.0.4465.1 https://support.microsoft.com/help/5084816 16785 5084816 Dimitri Furman with Microsoft Dimitri Furman with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Azure Monitor Agent Elevation of Privilege Vulnerability <p>Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could an attacker gain with successful exploitation?</strong></p> <p>An attacker who successfully exploited the vulnerability could elevate their privileges to 'root' user.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker with the ability to run code as the syslog user on an affected Azure Linux Virtual Machine could modify specific configuration files used by the Azure Monitor agent. The agent processes these files with root‑level permissions and does not properly validate their contents, a malicious modification could cause the agent to execute unintended commands with elevated privileges. If exploited, the attacker could gain root access on the affected VM.</p> Azure Monitor Agent Microsoft Yes CVE-2026-32168 Improper Input Validation 12331 Elevation of Privilege 12331 Important 12331 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12331 Release Notes https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-cli 12331 No Security Update 1.35.9 https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-extension-versions 12331 Release Notes P1hcn 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET Spoofing Vulnerability <p>Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.</p> .NET Microsoft Yes CVE-2026-32178 Improper Neutralization of Special Elements 12459 16767 20837 20838 20839 12260 12415 12414 12416 12432 12434 12433 Spoofing 12459 Spoofing 16767 Spoofing 20837 Spoofing 20838 Spoofing 20839 Spoofing 12260 Spoofing 12415 Spoofing 12414 Spoofing 12416 Spoofing 12432 Spoofing 12434 Spoofing 12433 Important 12459 Important 16767 Important 20837 Important 20838 Important 20839 Important 12260 Important 12415 Important 12414 Important 12416 Important 12432 Important 12434 Important 12433 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12459 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 16767 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20837 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12260 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12434 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12433 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20837 20838 20839 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20837 20838 20839 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12260 12415 12414 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12260 12415 12414 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12434 12433 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12434 12433 5086097 Ludvig Pedersen 1.0 2026-04-14T07:00:00 <p>Information published.</p> Connected User Experiences and Telemetry Service Denial of Service Vulnerability <p>Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.</p> Microsoft Windows Microsoft Yes CVE-2026-32181 Improper Privilege Management 20854 20853 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Denial of Service 20854 Denial of Service 20853 Denial of Service 11923 Denial of Service 11924 Denial of Service 11929 Denial of Service 11930 Denial of Service 11931 Denial of Service 12097 Denial of Service 12098 Denial of Service 12099 Denial of Service 12437 Denial of Service 20437 Denial of Service 20438 Denial of Service 12242 Denial of Service 12243 Denial of Service 12244 Denial of Service 12389 Denial of Service 12390 Denial of Service 12436 Important 20854 Important 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/h4urek">h4urek</a> with <a href="https://secsys.fudan.edu.cn/">secsys lab</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Snipping Tool Remote Code Execution Vulnerability <p>Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.</p> <p>For example, when the score indicates that the <strong>Attack Vector</strong> is <strong>Local</strong> and <strong>User Interaction</strong> is <strong>Required</strong>, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.</p> Windows Snipping Tool Microsoft Yes CVE-2026-32183 Improper Neutralization of Special Elements used in a Command ('Command Injection') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Nacl Zeeshan Shaikh (@bugzzzhunter) working with <a href="https://www.zerodayinitiative.com/">TrendAI Zero Day Initiative</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability <p>Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>What do customers need to do to mitigate this vulnerability?</strong></p> <p>Customers should install the latest security update for <strong>HPC Pack 2019 Update 3</strong> on affected systems. Microsoft has released HPC Pack 2019 Update 3 Fixes (<strong>Build 6.3.8355</strong>), which includes all previously released fixes for this vulnerability. Customers running HPC Pack 2019 Update 3 can apply this update directly, regardless of whether earlier fixes were installed. Customers using earlier versions of HPC Pack must first upgrade to HPC Pack 2019 Update 3 (Build 6.3.8328) before applying the fix. HPC Pack 2016 is not supported for this update; customers using that version must migrate to HPC Pack 2019 Update 3 to be protected. This update applies <strong>only to head nodes</strong> and updates a limited set of binaries related to the HPC Scheduler and Management services. Other node types are not affected and do not require action.</p> <p><strong>Is a fix available for HPC Pack 2016?</strong></p> <p>No. There are no QFE updates available for HPC Pack 2016. Customers using HPC Pack 2016 must migrate to HPC Pack 2019 Update 3 and then apply the available QFE to receive the fix.</p> <p><strong>Do I need to apply the QFE to all nodes in an HPC Pack cluster?</strong></p> <p>No. The QFE only needs to be applied to the head nodes of the HPC Pack cluster. Compute nodes are not affected and do not require the update.</p> Microsoft High Performance Compute Pack (HPC) Microsoft Yes CVE-2026-32184 Deserialization of Untrusted Data 12455 Elevation of Privilege 12455 Important 12455 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12455 Release Notes https://www.microsoft.com/en-us/download/details.aspx?id=108564 12455 No Security Update 6.3.8355 https://github.com/Azure/hpcpack/blob/master/CHANGELOG.md#hpc-pack-2019-update-3-qfe-kb5081004-638355---2212026 12455 Release Notes Long Zhang Long Zhang 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Information Disclosure Vulnerability <p>Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32188 Out-of-bounds Read 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Information Disclosure 10836 Information Disclosure 11573 Information Disclosure 11574 Information Disclosure 11762 Information Disclosure 11763 Information Disclosure 11951 Information Disclosure 11952 Information Disclosure 11953 Information Disclosure 12420 Information Disclosure 12421 Information Disclosure 12440 Information Disclosure 10739 Information Disclosure 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 10836 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11573 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11574 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11762 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11763 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11951 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11952 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 11953 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 12420 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 12421 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 12440 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 10739 7.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 <a href="https://x.com/dnpushme">f4 &amp; Zhiniang Peng with HUST</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32189 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 Quan Jin with DBAPPSecurity WeBin Lab 1.0 2026-04-14T07:00:00 <p>Information published.</p> Azure Monitor Agent Elevation of Privilege Vulnerability <p>Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Azure Monitor Agent Microsoft Yes CVE-2026-32192 Deserialization of Untrusted Data 12331 Elevation of Privilege 12331 Important 12331 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12331 Release Notes https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-manage?tabs=azure-portal 12331 Maybe Security Update 1.41.0 https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-extension-versions 12331 Release Notes P1hcn 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Kernel Microsoft Yes CVE-2026-32195 Stack-based Buffer Overflow 20854 20853 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://linkedin.com/in/jongseongkim">Jongseong Kim (nevul37), SEC-agent team</a> <a href="https://linkedin.com/in/hwiwonlee">Hwiwon Lee (hwiwonl), SEC-agent team</a> Gwanhyun Lee Dongjun Kim Anonymous <a href="https://x.com/x0rb1ts">0rb1t</a> with <a href="http://www.0rb1t.top/">None</a> <a href="https://github.com/qanux">Qanux</a> with None 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Spoofing Vulnerability <p>Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker would have to send the victim a malicious file that the victim would have to execute.</p> Windows Shell Microsoft Yes CVE-2026-32202 Protection Mechanism Failure 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Spoofing 20854 Spoofing 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11568 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11569 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11571 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11572 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11923 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11924 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11929 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11930 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11931 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12097 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12098 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12099 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12437 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20437 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20438 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12242 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12243 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12244 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12389 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12390 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12436 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10852 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10853 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10816 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10855 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10378 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10379 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10483 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10543 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20854 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://www.linkedin.com/in/maorisio/">Maor Dahan</a> with <a href="https://www.akamai.com/blog/security-research">Akamai</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Information Disclosure Vulnerability <p>Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.</p> Windows Kernel Microsoft Yes CVE-2026-32215 Insertion of Sensitive Information into Log File 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 MasterOogway 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Redirected Drive Buffering System Denial of Service Vulnerability <p>Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.</p> Windows Redirected Drive Buffering Microsoft Yes CVE-2026-32216 NULL Pointer Dereference 20854 20853 Denial of Service 20854 Denial of Service 20853 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://bsky.app/profile/hexnomad.bsky.social">Erik Egsgard</a> with <a href="https://fieldeffect.com/">Field Effect</a> Xinyu Yu with Tsinghua University <a href="https://zhangshuqiao.org/">Shuqiao Zhang</a> with Tsinghua University ziiiro 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Information Disclosure Vulnerability <p>Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of kernel memory could be potentially leveraged by an attacker for other malicious activities.</p> Windows Kernel Microsoft Yes CVE-2026-32217 Insertion of Sensitive Information into Log File 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 MasterOogway 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Information Disclosure Vulnerability <p>Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of kernel memory could be potentially leveraged by an attacker for other malicious activities.</p> Windows Kernel Microsoft Yes CVE-2026-32218 Insertion of Sensitive Information into Log File 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 20854 Information Disclosure 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 MasterOogway 1.0 2026-04-14T07:00:00 <p>Information published.</p> AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability <p>The vulnerability assigned to this CVE could lead to corruption of guest encrypted memory. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.</p> <p>Please see the following for more information:</p> <ul> <li>[https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3016.html]</li> </ul> Input-Output Memory Management Unit (IOMMU) AMD Yes CVE-2023-20585 12437 20438 12390 12436 Tampering 12437 Tampering 20438 Tampering 12390 Tampering 12436 Important 12437 Important 20438 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 12437 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 20438 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 12390 5.3 4.6 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C 12436 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12390 5083769 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Brokering File System Elevation of Privilege Vulnerability <p>Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft Brokering File System Microsoft Yes CVE-2026-32219 Double Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 12437 20437 20438 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 hazard 1.0 2026-04-14T07:00:00 <p>Information published.</p> UEFI Secure Boot Security Feature Bypass Vulnerability <p>Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass the <a href="https://learn.microsoft.com/windows-hardware/design/device-experiences/oem-vbs">Virtualization-based Security</a> feature.</p> Windows Virtualization-Based Security (VBS) Enclave Microsoft Yes CVE-2026-32220 Improper Access Control 20854 20853 12437 20437 20438 12389 12390 12436 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Important 20854 Important 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20854 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20853 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12437 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20437 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 20438 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12389 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12390 4.4 3.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Graphics Component Remote Code Execution Vulnerability <p>Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> Microsoft Graphics Component Microsoft Yes CVE-2026-32221 Heap-based Buffer Overflow 12437 20437 20438 12389 12390 12436 20854 20853 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 20854 Remote Code Execution 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Win32k Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Win32K - ICOMP Microsoft Yes CVE-2026-32222 Untrusted Pointer Dereference 20854 20853 12437 20437 20438 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows USB Print Driver Microsoft Yes CVE-2026-32223 Heap-based Buffer Overflow 12437 20437 20438 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 6.8 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Dongjun Kim (smiljun), working with ENKI Whitehat <a href="https://x.com/h4urek">hao huang</a> with <a href="https://secsys.fudan.edu.cn/">Fudan University secsys lab</a> <a href="https://x.com/_patchpoint_">Donghyeon Oh</a> with <a href="https://patchpoint.io/">Patchpoint</a> Jonghoi Kim Dongjun Kim (smiljun), working with ENKI Whitehat 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability <p>Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that the target system be set up in a specific manner and the attacker to have knowledge of that setup.</p> Windows Server Update Service Microsoft Yes CVE-2026-32224 Use After Free 20854 20853 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET Framework Denial of Service Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> .NET Framework Microsoft Yes CVE-2026-32226 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11650-10853 11650-10543 11650-10379 11650-10483 11676-11569 11676-11568 11676-11570 11676-11803 11677-11569 11677-11570 12079-20853 12079-20854 12079-12437 12079-12436 Denial of Service 11650-10853 Denial of Service 11650-10543 Denial of Service 11650-10379 Denial of Service 11650-10483 Denial of Service 11676-11569 Denial of Service 11676-11568 Denial of Service 11676-11570 Denial of Service 11676-11803 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 12079-20853 Denial of Service 12079-20854 Denial of Service 12079-12437 Denial of Service 12079-12436 Important 11650-10853 Important 11650-10543 Important 11650-10379 Important 11650-10483 Important 11676-11569 Important 11676-11568 Important 11676-11570 Important 11676-11803 Important 11677-11569 Important 11677-11570 Important 12079-20853 Important 12079-20854 Important 12079-12437 Important 12079-12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10853 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10543 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10379 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10483 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11569 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11568 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11570 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11803 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11569 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11570 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20853 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20854 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12437 5.9 5.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12436 5082411 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082411 11650-10853 11650-10543 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082411 11650-10853 11650-10543 5082411 5082403 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082403 11650-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082403 11650-10379 5082403 5082404 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082404 11650-10483 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082404 11650-10483 5082404 5082414 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082414 11676-11569 11676-11568 11676-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0 https://support.microsoft.com/help/5082414 11676-11569 11676-11568 11676-11570 5082414 5082426 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082426 11676-11803 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082426 11676-11803 5082426 5082413 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082413 11677-11569 11677-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0 https://support.microsoft.com/help/5082413 11677-11569 11677-11570 5082413 5082421 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082421 12079-20853 12079-20854 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082421 12079-20853 12079-20854 5082421 5082417 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082417 12079-12437 12079-12436 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082417 12079-12437 12079-12436 5082417 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> Microsoft Office Word Microsoft Yes CVE-2026-33095 Use After Free 11762 11763 11951 11952 11953 12420 12421 12440 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes Haifei Li with <a href="https://pub.expmon.com/">EXPMON</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> HTTP.sys Denial of Service Vulnerability <p>Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.</p> Windows HTTP.sys Microsoft Yes CVE-2026-33096 Out-of-bounds Read 20854 20853 11923 11924 12437 20437 20438 12242 12243 12244 12389 12390 12436 Denial of Service 20854 Denial of Service 20853 Denial of Service 11923 Denial of Service 11924 Denial of Service 12437 Denial of Service 20437 Denial of Service 20438 Denial of Service 12242 Denial of Service 12243 Denial of Service 12244 Denial of Service 12389 Denial of Service 12390 Denial of Service 12436 Important 20854 Important 20853 Important 11923 Important 11924 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20854 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20438 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12242 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12243 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12389 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12390 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <p><a href="https://www.microsoft.com/en-us/msrc/glossary#Mitigation">Mitigation</a> refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability.</p> <p><strong>The following mitigating factors might help in your situation:</strong></p> <p><strong>Caution</strong> Follow these steps carefully. Serious problems might occur if you modify the registry incorrectly.</p> <p>To disable HTTP/3, remove the following registry values from the specified key:</p> <ol> <li>Open Registry Editor (regedit.exe).</li> <li>Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters.</li> <li>Back up the key: select <strong>Parameters</strong>, then select <strong>File</strong> &gt; <strong>Export</strong>, and save the .reg file to a secure location.</li> <li>If present, delete the <strong>EnableHttp3</strong> value.</li> <li>If present, delete the <strong>EnableAltSvc</strong> value.</li> <li>Restart the device after making these changes.</li> </ol> <p>After the restart, all http.sys-based server applications on that device will no longer serve HTTP/3 clients.</p> <p>Note: If either value is not present, no change is required for that value.</p> <p><strong>Restore:</strong> To undo this change, double-click the exported .reg file (or in Registry Editor, select <strong>File</strong> &gt; <strong>Import</strong>) to restore the previous settings.</p> <p>After you install the security update, you no longer need this mitigation.</p> WARP & MORSE teams at Microsoft Milad Nasr (Anthropic) and Calif.io with Claude WARP & MORSE teams at Microsoft Milad Nasr (Anthropic) and Calif.io with Claude 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability <p>Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Container Isolation FS Filter Driver Microsoft Yes CVE-2026-33098 Use After Free 11572 11924 11569 11571 11923 11929 11930 11931 12097 12099 20437 20438 12437 12098 12242 12243 11568 12244 12390 12389 12436 20854 20853 10852 10853 10816 10855 Elevation of Privilege 11572 Elevation of Privilege 11924 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11923 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12437 Elevation of Privilege 12098 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 11568 Elevation of Privilege 12244 Elevation of Privilege 12390 Elevation of Privilege 12389 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11572 Important 11924 Important 11569 Important 11571 Important 11923 Important 11929 Important 11930 Important 11931 Important 12097 Important 12099 Important 20437 Important 20438 Important 12437 Important 12098 Important 12242 Important 12243 Important 11568 Important 12244 Important 12390 Important 12389 Important 12436 Important 20854 Important 20853 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11572 11569 11571 11568 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11572 11569 11571 11568 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12099 12098 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12099 12098 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12390 12389 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12390 12389 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability <p>Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.</p> .NET, .NET Framework, Visual Studio Microsoft Yes CVE-2026-33116 Loop with Unreachable Exit Condition ('Infinite Loop') Uncontrolled Resource Consumption Improper Input Validation 20838 20839 12260 12414 12415 12432 12416 12434 12433 11650-10852 11650-10853 11650-10378 11650-10379 11650-10483 11650-10543 11676-11568 11676-11569 11676-11570 11676-11923 11676-11924 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 11677-11568 11677-11569 11677-11570 11863-10378 11863-10379 11863-10483 11863-10543 12079-11923 12079-11924 12079-11929 12079-11930 12079-11931 12079-12085 12079-12086 12079-12097 12079-12098 12079-12099 12079-20437 12079-20438 12079-12242 12079-12243 12079-12244 12079-12389 12079-12390 2472-10378 2472-10379 2472-10483 2472-10543 12079-12436 12079-20854 12079-12437 12079-21196 Denial of Service 20838 Denial of Service 20839 Denial of Service 12260 Denial of Service 12414 Denial of Service 12415 Denial of Service 12432 Denial of Service 12416 Denial of Service 12434 Denial of Service 12433 Denial of Service 11650-10852 Denial of Service 11650-10853 Denial of Service 11650-10378 Denial of Service 11650-10379 Denial of Service 11650-10483 Denial of Service 11650-10543 Denial of Service 11676-11568 Denial of Service 11676-11569 Denial of Service 11676-11570 Denial of Service 11676-11923 Denial of Service 11676-11924 Denial of Service 11676-11929 Denial of Service 11676-11930 Denial of Service 11676-11931 Denial of Service 11676-12097 Denial of Service 11676-12098 Denial of Service 11676-12099 Denial of Service 11677-11568 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 11863-10378 Denial of Service 11863-10379 Denial of Service 11863-10483 Denial of Service 11863-10543 Denial of Service 12079-11923 Denial of Service 12079-11924 Denial of Service 12079-11929 Denial of Service 12079-11930 Denial of Service 12079-11931 Denial of Service 12079-12085 Denial of Service 12079-12086 Denial of Service 12079-12097 Denial of Service 12079-12098 Denial of Service 12079-12099 Denial of Service 12079-20437 Denial of Service 12079-20438 Denial of Service 12079-12242 Denial of Service 12079-12243 Denial of Service 12079-12244 Denial of Service 12079-12389 Denial of Service 12079-12390 Denial of Service 2472-10378 Denial of Service 2472-10379 Denial of Service 2472-10483 Denial of Service 2472-10543 Denial of Service 12079-12436 Denial of Service 12079-20854 Denial of Service 12079-12437 Denial of Service 12079-21196 Important 20838 Important 20839 Important 12260 Important 12414 Important 12415 Important 12432 Important 12416 Important 12434 Important 12433 Important 11650-10852 Important 11650-10853 Important 11650-10378 Important 11650-10379 Important 11650-10483 Important 11650-10543 Important 11676-11568 Important 11676-11569 Important 11676-11570 Important 11676-11923 Important 11676-11924 Important 11676-11929 Important 11676-11930 Important 11676-11931 Important 11676-12097 Important 11676-12098 Important 11676-12099 Important 11677-11568 Important 11677-11569 Important 11677-11570 Important 11863-10378 Important 11863-10379 Important 11863-10483 Important 11863-10543 Important 12079-11923 Important 12079-11924 Important 12079-11929 Important 12079-11930 Important 12079-11931 Important 12079-12085 Important 12079-12086 Important 12079-12097 Important 12079-12098 Important 12079-12099 Important 12079-20437 Important 12079-20438 Important 12079-12242 Important 12079-12243 Important 12079-12244 Important 12079-12389 Important 12079-12390 Important 2472-10378 Important 2472-10379 Important 2472-10483 Important 2472-10543 Important 12079-12436 Important 12079-20854 Important 12079-12437 Important 12079-21196 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12260 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12434 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12433 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10852 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10853 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11650-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12097 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12098 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11676-12099 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11568 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11569 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11677-11570 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11863-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11923 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11924 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11929 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11930 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-11931 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12085 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12086 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12097 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12098 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12099 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20438 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12242 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12243 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12244 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12389 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12390 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10378 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10379 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10483 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 2472-10543 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12436 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-20854 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-12437 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12079-21196 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20838 20839 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20838 20839 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12260 12414 12415 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12260 12414 12415 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12434 12433 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12434 12433 5086097 5082411 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082411 11650-10852 11650-10853 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082411 11650-10852 11650-10853 5082411 5082403 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082403 11650-10378 11650-10379 11650-10483 11650-10543 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082403 11650-10378 11650-10379 11650-10483 11650-10543 5082403 5082414 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082414 11676-11568 11676-11569 11676-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0 https://support.microsoft.com/help/5082414 11676-11568 11676-11569 11676-11570 5082414 5082427 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082427 11676-11923 11676-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082427 11676-11923 11676-11924 5082427 5082426 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 5082426 5082413 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082413 11677-11568 11677-11569 11677-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0 https://support.microsoft.com/help/5082413 11677-11568 11677-11569 11677-11570 5082413 5082400 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082400 11863-10378 11863-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082400 11863-10378 11863-10379 5082400 5082402 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082402 11863-10483 11863-10543 Maybe Security Update 4.7.4141.0 https://support.microsoft.com/help/5082402 11863-10483 11863-10543 5082402 5082425 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082425 12079-11923 12079-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082425 12079-11923 12079-11924 5082425 5082419 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082419 5082424 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082424 12079-12085 12079-12086 12079-12242 12079-12243 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082424 12079-12085 12079-12086 12079-12242 12079-12243 5082424 5082417 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082417 12079-20437 12079-20438 12079-12436 12079-12437 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082417 12079-20437 12079-20438 12079-12436 12079-12437 5082417 5082418 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082418 12079-12244 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082418 12079-12244 5082418 5082420 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082420 12079-12389 12079-12390 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082420 12079-12389 12079-12390 5082420 5082398 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082398 2472-10378 2472-10379 2472-10483 2472-10543 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082398 2472-10378 2472-10379 2472-10483 2472-10543 5082398 5082421 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082421 12079-20854 12079-21196 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082421 12079-20854 12079-21196 5082421 Ludvig Pedersen 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft SQL Server Remote Code Execution Vulnerability <p>Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SQL sysadmin privileges.</p> <p><strong>I am running SQL Server on my system. What action do I need to take?</strong></p> <p>Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.</p> <p><strong>There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?</strong></p> <ul> <li>First, determine your SQL Server version number. For more information on determining your SQL Server version number, see <a href="https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates">Microsoft Knowledge Base Article 321185</a> - How to determine the version, edition, and update level of SQL Server and its components.</li> <li>Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.</li> </ul> <p><strong>Note</strong> If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.</p> <table> <thead> <tr> <th>Update Number</th> <th>Title</th> <th>Version</th> <th>Apply if current product version is…</th> <th>This security update also includes servicing releases up through…</th> </tr> </thead> <tbody> <tr> <td><strong>5083245</strong></td> <td>Security update for SQL Server 2025 CU3+GDR</td> <td>17.0.4030.1</td> <td>17.0.4006.2 - 17.0.4025.3</td> <td>KB5077896 - Previous SQL2025 RTM CU3</td> </tr> <tr> <td><strong>5084814</strong></td> <td>Security update for SQL Server 2025 RTM+GDR</td> <td>17.0.1110.1</td> <td>17.0.1000.7 - 17.0.1105.2</td> <td>KB5077468 - Previous SQL2025 RTM GDR</td> </tr> <tr> <td><strong>5083252</strong></td> <td>Security update for SQL Server 2022 CU24+GDR</td> <td>16.0.4250.1</td> <td>16.0.4003.1 - 16.0.4245.2</td> <td>KB5080999 - Previous SQL2022 RTM CU24</td> </tr> <tr> <td><strong>5084815</strong></td> <td>Security update for SQL Server 2022 RTM+GDR</td> <td>16.0.1175.1</td> <td>16.0.1000.6 - 16.0.1170.5</td> <td>KB5077465 - Previous SQL2022 RTM GDR</td> </tr> <tr> <td><strong>5084816</strong></td> <td>Security update for SQL Server 2019 CU32+GDR</td> <td>15.0.4465.1</td> <td>15.0.4003.23 - 15.0.4460.4</td> <td>KB 5077469 - Previous SQL2019 RTM CU32 GDR</td> </tr> <tr> <td><strong>5084817</strong></td> <td>Security update for SQL Server 2019 RTM+GDR</td> <td>15.0.2165.1</td> <td>15.0.2000.5 - 15.0.2160.4</td> <td>KB 5077470 - Previous SQL2019 RTM GDR</td> </tr> <tr> <td><strong>5084818</strong></td> <td>Security update for SQL Server 2017 CU31+GDR</td> <td>14.0.3525.1</td> <td>14.0.3006.16 - 14.0.3520.4</td> <td>KB 5077471 - Previous SQL2017 RTM CU31 GDR</td> </tr> <tr> <td><strong>5084819</strong></td> <td>Security update for SQL Server 2017 RTM+GDR</td> <td>14.0.2105.1</td> <td>14.0.1000.169 - 14.0.2100.4</td> <td>KB 5077472 - Previous SQL2017 RTM GDR</td> </tr> <tr> <td><strong>5084820</strong></td> <td>Security update for SQL Server 2016 Azure Connect Feature Pack+GDR</td> <td>13.0.7080.1</td> <td>13.0.7000.253 - 13.0.7075.5</td> <td>KB 5077473 - Previous SQL2016 Azure Connect Feature Pack GDR</td> </tr> <tr> <td><strong>5084821</strong></td> <td>Security update for SQL Server 2016 SP3+GDR</td> <td>13.0.6485.1</td> <td>13.0.6300.2 - 13.0.6480.4</td> <td>KB 5077474 - Previous SQL2016 RTM GDR</td> </tr> </tbody> </table> <p><strong>What are the GDR and CU update designations and how do they differ?</strong></p> <p>The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.</p> <ul> <li>GDR updates – cumulatively only contain security updates for the given baseline.</li> <li>CU updates – cumulatively contain all functional fixes and security updates for the given baseline.</li> </ul> <p>For any given baseline, either the GDR or CU updates could be options (see below).</p> <ul> <li>If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.</li> <li>If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.</li> <li>If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.</li> </ul> <p><strong>Note:</strong> You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.</p> <p><strong>Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?</strong></p> <p>Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.</p> SQL Server Microsoft Yes CVE-2026-33120 Untrusted Pointer Dereference 12147 Remote Code Execution 12147 Important 12147 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12147 5084815 https://www.microsoft.com/en-us/download/details.aspx?id=108622 12147 Maybe Security Update 16.0.1175.1 https://support.microsoft.com/help/5084815 12147 5084815 David Hayman 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5289 Use after free in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5289 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:55 <p>Information published.</p> Chromium: CVE-2026-5286 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5286 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:53 <p>Information published.</p> Chromium: CVE-2026-5287 Use after free in PDF <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5287 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:54 <p>Information published.</p> Chromium: CVE-2026-5285 Use after free in WebGL <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5285 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:52 <p>Information published.</p> Chromium: CVE-2026-5284 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5284 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:51 <p>Information published.</p> Chromium: CVE-2026-5283 Inappropriate implementation in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5283 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:50 <p>Information published.</p> Chromium: CVE-2026-5281 Use after free in Dawn <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information. Google is aware that an exploit for CVE-2026-5281 exists in the wild.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5281 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:49 <p>Information published.</p> Chromium: CVE-2026-5280 Use after free in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5280 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:48 <p>Information published.</p> Chromium: CVE-2026-5279 Object corruption in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5279 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:47 <p>Information published.</p> Microsoft Word Information Disclosure Vulnerability <p>Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Word Microsoft Yes CVE-2026-33822 Out-of-bounds Read 11762 11763 11951 12440 Information Disclosure 11762 Information Disclosure 11763 Information Disclosure 11951 Information Disclosure 12440 Important 11762 Important 11763 Important 11951 Important 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 11762 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 11763 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 11951 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes wh1tc@Kunlun lab&amp; devoke &amp; Zhiniang Peng with HUST 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Defender Elevation of Privilege Vulnerability <p>Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.</p> <table> <thead> <tr> <th>References</th> <th>Identification</th> </tr> </thead> <tbody> <tr> <td>Last version of the Microsoft Defender Antimalware Platform affected by this vulnerability</td> <td>Version 4.18.26020.6</td> </tr> <tr> <td>First version of the Microsoft Defender Antimalware Platform with this vulnerability addressed</td> <td>Version 4.18.26030.3011</td> </tr> </tbody> </table> <p>See <a href="https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus">Manage Updates Baselines Microsoft Defender Antivirus</a> for more information.</p> <p><strong>Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?</strong></p> <p>Vulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state.</p> <p><strong>Why is no action required to install this update?</strong></p> <p>In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Windows Defender Antimalware Platform. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.</p> <p>For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.</p> <p>Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Windows Defender Antimalware Platform updates and malware definitions, is working as expected in their environment.</p> <p><strong>How often are the Microsoft Defender Antimalware Platform and malware definitions updated?</strong></p> <p>Microsoft typically releases an update for the Microsoft Defender Antimalware Platform once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.</p> <p>Depending on which Microsoft antimalware software is used and how it is configured, the software may search for platform, engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.</p> <p><strong>What is the Microsoft Defender Antimalware Platform?</strong></p> <p>The Microsoft Defender Antimalware Platform is a collection of user-mode binaries (e.g. MsMpEng.exe) and kernel-mode drivers that run on top of Windows to keep devices protected against new and prevalent threats.</p> <p><strong>Microsoft Defender uses the Windows Defender Antimalware Platform. On which products is Defender installed and active by default?</strong></p> <p>Defender runs on all supported versions of Windows.</p> <p><strong>Are there other products that use the Microsoft Defender Antimalware Platform?</strong></p> <p>Yes, Microsoft System Center Endpoint Protection, Microsoft System Center 2012 R2 Endpoint Protection, Microsoft System Center 2012 Endpoint Protection and Microsoft Security Essentials.</p> <p><strong>Does this update contain any additional security-related changes to functionality?</strong></p> <p>Yes.  In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.</p> <h2 id="suggested-actions">Suggested Actions</h2> <p><strong>Verify that the update is installed</strong></p> <p>Customers should verify that the latest version of the Microsoft Malware Protection Platform and definition updates are being actively downloaded and installed for their Microsoft antimalware products.</p> <ol> <li>Open the Windows Security program. For example, type Security in the Search bar, and select the Windows Security program.</li> <li>In the navigation pane, select Virus &amp; threat protection.</li> <li>Then click on <strong>Protection Updates</strong> in the Virus &amp; threat protection section updates.</li> <li>Select <strong>Check for updates</strong>.</li> <li>In the navigation pane, select <strong>Settings</strong>, and then select <strong>About</strong>.</li> <li>Examine the <strong>Antimalware ClientVersion</strong> number. The update was successfully installed if the Malware Protection Platform version number or the signature package version number matches or exceeds the version number that you are trying to verify as installed.</li> </ol> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Microsoft Defender Microsoft Yes CVE-2026-33825 Insufficient Granularity of Access Control 11744 Elevation of Privilege 11744 Important 11744 Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 7.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C 11744 Release Notes 11744 Maybe Security Update 4.18.26030.3011 https://www.microsoft.com/en-us/wdsi/defenderupdates 11744 Release Notes Yuanpei XU (HUST) with Diffract & 0x25028335 & 0xa773900 Yuanpei XU (HUST) with Diffract & 0x25028335 & 0xa773900 <a href="https://github.com/steadytao">Zen Dodd</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Active Directory Remote Code Execution Vulnerability <p>Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>To exploit this vulnerability, an authenticated attacker would need to send a specially crafted RPC call to an RPC host. This could result in remote code execution on the server side with the same permissions as the RPC service.</p> <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that an attacker needs to be in the same restricted Active Directory domain as the target system. The attack surface is not reachable from broader networks, which is why the attack vector is considered adjacent (AV:A).</p> Windows Active Directory Microsoft Yes CVE-2026-33826 Improper Input Validation 11571 11572 11923 11924 12437 12244 12436 10816 10855 10483 10543 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 12437 Remote Code Execution 12244 Remote Code Execution 12436 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10483 Remote Code Execution 10543 Critical 11571 Critical 11572 Critical 11923 Critical 11924 Critical 12437 Critical 12244 Critical 12436 Critical 10816 Critical 10855 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/aniqfakhrul">Aniq Fakhrul</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability <p>Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>This vulnerability could allow a local, non‑administrator attacker to read any files that are accessible to the UPnP Device Host Service, which runs under the LOCAL SERVICE account. This may include restricted system files or configuration data that the attacker would not normally be able to access. The specific information exposed depends on the files that the service is permitted to read.</p> Universal Plug and Play (upnp.dll) Microsoft Yes CVE-2026-32212 Improper Link Resolution Before File Access ('Link Following') Improper Privilege Management 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Integer Truncation on SQLite <p><strong>Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?</strong></p> <p>One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See <a href="https://www.microsoft.com/en-us/msrc/blog/2025/10/toward-greater-transparency-machine-readable-vulnerability-exploitability-xchange-for-azure-linux">this blog</a> post for more information. If impact to additional products is identified, we will update the CVE to reflect this.</p> Mariner Google Yes CVE-2025-6965 Numeric Truncation Error 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 19582-16823 20296-17084 19759-17086 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 19582-16823 20296-17084 19759-17086 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Important 19582-16823 Important 20296-17084 Important 19759-17086 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12242 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 12243 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 19582-16823 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 20296-17084 9.8 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 19759-17086 5073723 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073723 5071544 11568 11569 11571 11572 Yes Security Update 10.0.17763.8276 https://support.microsoft.com/help/5073723 11568 11569 11571 11572 5073723 5073723 https://support.microsoft.com/help/5073723 11568 11569 11571 11572 5073457 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073457 5071547 11923 11924 Yes Security Update 10.0.20348.4648 https://support.microsoft.com/help/5073457 11923 11924 5073457 5073457 https://support.microsoft.com/help/5073457 11923 11924 5073724 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073724 5071546 11929 11930 11931 Yes Security Update 10.0.19044.6809 https://support.microsoft.com/help/5073724 11929 11930 11931 5073724 5073724 https://support.microsoft.com/help/5073724 11929 11930 11931 12097 12098 12099 5073724 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073724 5071546 12097 12098 12099 Yes Security Update 10.0.19045.6809 https://support.microsoft.com/help/5073724 12097 12098 12099 5073724 5073379 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073379 5072033 12437 12436 Yes Security Update 10.0.26100.32230 https://support.microsoft.com/en-us/topic/a6021fd2-b3b7-45a7-b68e-35c28a2a77da 12437 12436 5073379 5073379 https://support.microsoft.com/help/5073379 12437 12436 5074109 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5074109 5072033 20437 20438 Yes Security Update 10.0.26200.7623 https://support.microsoft.com/help/5074109 20437 20438 5074109 5074109 https://support.microsoft.com/help/5074109 20437 20438 12389 12390 5073455 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073455 5071417 12242 12243 Yes Security Update 10.0.22631.6491 https://support.microsoft.com/help/5073455 12242 12243 5073455 5073455 https://support.microsoft.com/help/5073455 12242 12243 5073450 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073450 5071542 12244 Yes Security Update 10.0.25398.2092 https://support.microsoft.com/help/5073450 12244 5073450 5073450 https://support.microsoft.com/help/5073450 12244 5074109 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5074109 5072033 12389 12390 Yes Security Update 10.0.26100.7623 https://support.microsoft.com/help/5074109 12389 12390 5074109 5073722 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073722 5071543 10852 10853 10816 10855 Yes Security Update 10.0.14393.8783 https://support.microsoft.com/help/5073722 10852 10853 10816 10855 5073722 CBL-Mariner Releases 19582-16823 19759-17086 No Security Update 3.39.2-4 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 19582-16823 19759-17086 CBL-Mariner Releases CBL-Mariner Releases 20296-17084 No Security Update 3.44.0-2 https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade 20296-17084 CBL-Mariner Releases Anonymous 2.0 2026-03-05T08:00:00 <p>Added Affected Software for Windows packages</p> 1.0 2025-08-14T00:00:00 <p>Information published.</p> 3.0 2026-02-18T01:48:45 <p>Information published.</p> 4.0 2026-04-14T07:00:00 <p>This CVE has been updated to include new package information</p> GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes <p><a href="https://www.cve.org/CVERecord?id=CVE-2026-32631">CVE-2026-32631</a> is regarding a vulnerability where it is possible to obtain a user's NTLM hash by tricking them into cloning a malicious repository, or checking out a malicious branch that accesses an attacker-controlled server. By default, NTLM authentication does not need any user interaction. GitHub created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Git which address this vulnerability.</p> <p>Please see <a href="https://www.cve.org/CVERecord?id=CVE-2026-32631">CVE-2026-32631</a> for more information.</p> GitHub Repo: Git for Windows GitHub Yes CVE-2026-32631 Exposure of Private Personal Information to an Unauthorized Actor 11720 11600 12459 16767 Information Disclosure 11720 Information Disclosure 11600 Information Disclosure 12459 Information Disclosure 16767 Important 11720 Important 11600 Important 12459 Important 16767 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 11720 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 11600 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 12459 7.4 6.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C 16767 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 16.11 11720 Maybe Security Update 16.11.55 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 11720 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 15.9 11600 Maybe Security Update 15.9.79 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 11600 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 1.0 2026-04-14T07:00:00 <p>Information published.</p> HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers <p><a href="https://www.cve.org/CVERecord?id=CVE-2026-21637">CVE-2026-21637</a> is regarding a vulnerability in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths (tlsClientError and error), causing either immediate process termination or silent file descriptor leaks that eventually lead to denial of service. Because these callbacks process attacker-controlled input during the TLS handshake, a remote client can repeatedly trigger the issue. HackerOne created this CVE on their behalf. The documented Visual Studio updates incorporate updates in Node.js which address this vulnerability.</p> <p>Please see <a href="https://www.cve.org/CVERecord?id=CVE-2026-21637">CVE-2026-21637</a> for more information.</p> Node.js HackerOne Yes CVE-2026-21637 Uncontrolled Resource Consumption 11935 12459 16767 Denial of Service 11935 Denial of Service 12459 Denial of Service 16767 Moderate 11935 Moderate 12459 Moderate 16767 Publicly Disclosed:No;Exploited:No;Latest Software Release:N/A 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 11935 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12459 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 16767 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 16.11 11935 Maybe Security Update 16.11.55 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 11935 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Recovery Environment Security Feature Bypass Vulnerability <p>Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.</p> Windows Recovery Environment Agent Microsoft Yes CVE-2026-20928 Improper Removal of Sensitive Information Before Storage or Transfer 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 20854 Security Feature Bypass 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 4.6 4.0 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://dfir.ru/">Maxim Suhanov</a> with CICADA8 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows COM Server Information Disclosure Vulnerability <p>Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could potentially read User Mode Service Memory.</p> Windows COM Microsoft Yes CVE-2026-20806 Access of Resource Using Incompatible Type ('Type Confusion') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Pwnforr777 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> Microsoft Office Word Microsoft Yes CVE-2026-23657 Use After Free 11762 11763 12420 12421 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 12420 Remote Code Execution 12421 Important 11762 Important 11763 Important 12420 Important 12421 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 Click to Run 11762 11763 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 12420 12421 Click to Run Haifei Li with <a href="https://pub.expmon.com/">EXPMON</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft PowerShell Security Feature Bypass Vulnerability <p>Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker would have to send the victim a malicious file that the victim would have to execute.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>Exploiting this vulnerability bypasses dynamic-expression security checks which may lead to arbitrary code execution when then -SkipLimitCheck is used with Import-PowerShellDataFile. If you do not use the -SkipLimitCheck switch, you are not affected.</p> <p><strong>Is the Windows native version of PowerShell affected by this vulnerability?</strong></p> <p>No, this vulnerability was introduced after PowerShell was forked from Windows powerShell so the inbox version is not affected.</p> <p>The current store app addresses the vulnerability.</p> Microsoft PowerShell Microsoft Yes CVE-2026-26143 Improper Input Validation 16787 12262 Security Feature Bypass 16787 Security Feature Bypass 12262 Important 16787 Important 12262 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16787 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12262 Release Notes https://github.com/PowerShell/Announcements/issues/82 16787 Maybe Security Update 7.5.5 https://github.com/PowerShell/Announcements/issues/82 16787 Release Notes Release Notes https://github.com/PowerShell/Announcements/issues/82 12262 Maybe Security Update 7.4.14 https://github.com/PowerShell/Announcements/issues/82 12262 Release Notes <a href="https://github.com/surfingoldelephant">surfingoldelephant</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Cryptographic Services Elevation of Privilege Vulnerability <p>Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.</p> Windows Cryptographic Services Microsoft Yes CVE-2026-26152 Insecure Storage of Sensitive Information 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability <p>Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Encrypting File System (EFS) Microsoft Yes CVE-2026-26153 Out-of-bounds Read 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 Hangyu Hua(@HBh25Y) with Shuffle Team and Hunan University Hangyu Hua(@HBh25Y) with Shuffle Team and Hunan University 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hyper-V Remote Code Execution Vulnerability <p>Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.</p> <p>For example, when the score indicates that the <strong>Attack Vector</strong> is <strong>Local</strong> and <strong>User Interaction</strong> is <strong>Required</strong>, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.</p> Role: Windows Hyper-V Microsoft Yes CVE-2026-26156 Heap-based Buffer Overflow Out-of-bounds Read Improper Input Validation 20854 20853 11569 11571 11572 11923 11924 11931 12097 12437 20437 20438 12242 12243 12244 12389 12390 12436 10853 10816 10855 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Important 20854 Important 20853 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11931 Important 12097 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10853 10816 10855 5082198 cyanbamboo and b2ahex 1.0 2026-04-14T07:00:00 <p>Information published.</p> Remote Desktop Licensing Service Elevation of Privilege Vulnerability <p>Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Remote Desktop Licensing Service Microsoft Yes CVE-2026-26159 Missing Authentication for Critical Function 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Howard McGreehan with MSRC V&M 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Elevation of Privilege Vulnerability <p>Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Kernel Microsoft Yes CVE-2026-26163 Double Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Samer Karim with Microsoft Inc. 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>In this case, a successful attack could be performed from a low privilege <a href="https://docs.microsoft.com/windows/win32/secauthz/appcontainer-isolation">AppContainer</a>. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26168 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kernel Memory Information Disclosure Vulnerability <p>Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>Exploiting this vulnerability could allow the disclosure of certain kernel memory content.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could view sensitive information, (Confidentiality), and make some changes to disclosed information (Integrity), but they would not be able to affect Availability.</p> Windows Kernel Memory Microsoft Yes CVE-2026-26169 Buffer Over-read 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20854 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20853 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11568 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11569 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11571 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11572 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11923 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11924 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11929 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11930 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 11931 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12097 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12098 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12099 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12437 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20437 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 20438 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12242 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12243 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12244 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12389 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12390 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 12436 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10852 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10853 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10816 6.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Faiustov Denis with GMO Cybersecurity by Ierae, Inc. Masahiro Kawada with GMO Cybersecurity by Ierae, Inc. 1.0 2026-04-14T07:00:00 <p>Information published.</p> PowerShell Elevation of Privilege Vulnerability <p>Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft PowerShell Microsoft Yes CVE-2026-26170 Improper Input Validation 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Push Notifications Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows Push Notifications Microsoft Yes CVE-2026-26172 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26173 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free NULL Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability <p>Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Client Side Caching driver (csc.sys) Microsoft Yes CVE-2026-26176 Heap-based Buffer Overflow 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://github.com/cbwang505">ChengBin Wang</a> with <a href="https://www.guolisec.com/">ZheJiang Guoli Security Technology</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26177 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/her0m4nt">her0m4nt</a> <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability <p>Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could create malicious WebGL content that triggers an unsafe buffer copy inside D3D10Warp.dll(Direct3D 10 WARP (Windows Advanced Rasterization Platform)).</p> <p>When a user’s browser processes this content, the attacker‑controlled parameters can cause a buffer overflow in the Windows graphics component, potentially enabling elevated privileges on the system.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>A user would need to visit a website or open content that uses WebGL features such as gl.texStorage3D or gl.texSubImage3D inside a Chromium‑based browser. No additional actions beyond loading this content are required.</p> Windows Advanced Rasterization Platform Microsoft Yes CVE-2026-26178 Incorrect Conversion between Numeric Types Integer Overflow or Wraparound 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Dongzhuo Zhao working with ADLab of Venustech Dongzhuo Zhao working with ADLab of Venustech 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-26182 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-26184 Buffer Over-read 20854 20853 11571 11569 11568 11923 11572 11924 11930 11931 11929 12097 12099 12098 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11571 Elevation of Privilege 11569 Elevation of Privilege 11568 Elevation of Privilege 11923 Elevation of Privilege 11572 Elevation of Privilege 11924 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 11929 Elevation of Privilege 12097 Elevation of Privilege 12099 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11571 Important 11569 Important 11568 Important 11923 Important 11572 Important 11924 Important 11930 Important 11931 Important 11929 Important 12097 Important 12099 Important 12098 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11569 11568 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11569 11568 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11930 11931 11929 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11930 11931 11929 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12099 12098 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12099 12098 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Search Service Elevation of Privilege Vulnerability <p>Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Microsoft Windows Search Component Microsoft Yes CVE-2026-27909 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://linkedin.com/in/jongseongkim">Jongseong Kim (nevul37), SEC-agent team</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Installer Elevation of Privilege Vulnerability <p>Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Installer Microsoft Yes CVE-2026-27910 Improper Handling of Insufficient Permissions or Privileges 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://infosec.exchange/@jagotu">JaGoTu</a> with <a href="https://www.dcit.cz/">DCIT, a.s.</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows User Interface Core Microsoft Yes CVE-2026-27911 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Kerberos Elevation of Privilege Vulnerability <p>Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.</p> <p><strong>According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires that an attacker needs to be in the same restricted Active Directory domain as the target system. The attack surface is not reachable from broader networks, which is why the attack vector is considered adjacent (AV:A).</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Kerberos Microsoft Yes CVE-2026-27912 Improper Authorization 11571 11572 11923 11924 12437 12244 12436 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 12244 Elevation of Privilege 12436 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.0 7.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://www.linkedin.com/in/shailaron">Shai Laron</a> with Semperis 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows BitLocker Security Feature Bypass Vulnerability <p>Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass Secure Boot.</p> Windows BitLocker Microsoft Yes CVE-2026-27913 Improper Input Validation 11571 12244 10816 10855 11572 11923 10379 10378 10483 10543 11924 Security Feature Bypass 11571 Security Feature Bypass 12244 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 10379 Security Feature Bypass 10378 Security Feature Bypass 10483 Security Feature Bypass 10543 Security Feature Bypass 11924 Important 11571 Important 12244 Important 10816 Important 10855 Important 11572 Important 11923 Important 10379 Important 10378 Important 10483 Important 10543 Important 11924 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10379 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10378 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10483 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 10543 7.7 6.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10379 10378 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10379 10378 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/alon_leviev">Alon Leviev</a> with Microsoft (STORM) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Management Console Elevation of Privilege Vulnerability <p>Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Microsoft Management Console Microsoft Yes CVE-2026-27914 Improper Access Control 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://twitter.com/filip_dragovic">Filip Dragović</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploits this vulnerability could gain access to a limited set of administrator-protected objects.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27916 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27920 Untrusted Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-27922 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://twitter.com/scwuaptx">Angelboy (@scwuaptx)</a> with <a href="https://devco.re/">DEVCORE</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Desktop Window Manager Microsoft Yes CVE-2026-27923 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Varun Goel 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Information Disclosure Vulnerability <p>Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-27925 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 6.5 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hello Security Feature Bypass Vulnerability <p>Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could bypass the MFA required for Windows Hello for Business PIN provisioning.</p> <p><strong>Where can I find more information about Windows Hello for Business PIN provisioning?</strong></p> <p>Please see <a href="https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/how-it-works-provisioning">Windows Hello for Business PIN provisioning</a> for updated details.</p> Windows Hello Microsoft Yes CVE-2026-27928 Improper Input Validation 11571 11572 11923 11924 12437 12244 12436 10816 10855 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 12437 Security Feature Bypass 12244 Security Feature Bypass 12436 Security Feature Bypass 10816 Security Feature Bypass 10855 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 10816 8.7 7.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 sec-42a020b982ef sec-42a020b982ef 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows GDI Information Disclosure Vulnerability <p>Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>This vulnerability may allow an attacker to access small portions of memory from the affected application when it processes a specially crafted Enhanced Metafile (EMF). This issue is an out‑of‑bounds read, any disclosure would be limited to whatever data happens to reside in adjacent memory at the time.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>The user would have to open or preview content that contains the malicious Enhanced Metafile (EMF).</p> Windows GDI Microsoft Yes CVE-2026-27930 Out-of-bounds Read 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 xina1i@psbc 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows SSDP Service Microsoft Yes CVE-2026-32068 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-32069 Double Free 11924 11923 11571 11929 11930 11572 11931 11568 11569 12097 12098 12437 12099 20438 20437 12242 12243 12244 12390 12389 12436 20854 20853 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11571 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11572 Elevation of Privilege 11931 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 20438 Elevation of Privilege 20437 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12390 Elevation of Privilege 12389 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11924 Important 11923 Important 11571 Important 11929 Important 11930 Important 11572 Important 11931 Important 11568 Important 11569 Important 12097 Important 12098 Important 12437 Important 12099 Important 20438 Important 20437 Important 12242 Important 12243 Important 12244 Important 12390 Important 12389 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 11568 11569 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 11568 11569 5082123 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12390 12389 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12390 12389 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Common Log File System Driver Elevation of Privilege Vulnerability <p>Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Common Log File System Driver Microsoft Yes CVE-2026-32070 Use After Free 20854 20853 11923 11568 11571 11569 11924 11572 11930 11931 11929 12097 12098 12437 12099 20438 20437 12244 12243 12242 12389 12390 12436 10853 10852 10816 10855 10379 10378 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11923 Elevation of Privilege 11568 Elevation of Privilege 11571 Elevation of Privilege 11569 Elevation of Privilege 11924 Elevation of Privilege 11572 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 11929 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 20438 Elevation of Privilege 20437 Elevation of Privilege 12244 Elevation of Privilege 12243 Elevation of Privilege 12242 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10853 Elevation of Privilege 10852 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10379 Elevation of Privilege 10378 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11923 Important 11568 Important 11571 Important 11569 Important 11924 Important 11572 Important 11930 Important 11931 Important 11929 Important 12097 Important 12098 Important 12437 Important 12099 Important 20438 Important 20437 Important 12244 Important 12243 Important 12242 Important 12389 Important 12390 Important 12436 Important 10853 Important 10852 Important 10816 Important 10855 Important 10379 Important 10378 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11571 11569 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11571 11569 11572 5082123 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11930 11931 11929 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11930 11931 11929 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12243 12242 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12243 12242 5082052 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10853 10852 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10853 10852 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10379 10378 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10379 10378 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security <a href="https://www.linkedin.com/in/daniel-dutra-4671a72a0/">Daniel Dutra</a> with <a href="https://templo.tech/">Templo</a> <a href="https://www.linkedin.com/in/henrique-antonov-3b7471236/">Henrique</a> with <a href="https://templo.tech/">Templo</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Active Directory Spoofing Vulnerability <p>Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.</p> Windows Active Directory Microsoft Yes CVE-2026-32072 Improper Authentication 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 20854 Spoofing 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.2 5.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-32074 Double Free 20854 20853 11571 11572 11569 11923 11924 11568 11929 11930 11931 12097 12099 12098 12437 20438 20437 12242 12243 12244 12389 12390 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11569 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11568 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12099 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 20438 Elevation of Privilege 20437 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 20854 Important 20853 Important 11571 Important 11572 Important 11569 Important 11923 Important 11924 Important 11568 Important 11929 Important 11930 Important 11931 Important 12097 Important 12099 Important 12098 Important 12437 Important 20438 Important 20437 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 11569 11568 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 11569 11568 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12099 12098 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12099 12098 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Storage Spaces Controller Elevation of Privilege Vulnerability <p>Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Storage Spaces Controller Microsoft Yes CVE-2026-32076 Out-of-bounds Read 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Yoon Jung Hyun(Yuil Muil (@YuilMuil) / X) Yoon Jung Hyun(Yuil Muil (@YuilMuil) / X) 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows UPnP Device Host Elevation of Privilege Vulnerability <p>Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Windows Universal Plug and Play (UPnP) Device Host Microsoft Yes CVE-2026-32077 Untrusted Pointer Dereference 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5082806 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082806 5078738 10483 10543 Yes IE Cumulative 1.000 https://support.microsoft.com/help/5082806 10483 10543 5082806 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Projected File System Elevation of Privilege Vulnerability <p>Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Projected File System Microsoft Yes CVE-2026-32078 Use After Free 11924 11923 11572 11571 11930 11929 11569 11568 11931 12097 12098 12437 12099 12242 20438 12243 12389 12390 12244 20437 12436 20854 20853 Elevation of Privilege 11924 Elevation of Privilege 11923 Elevation of Privilege 11572 Elevation of Privilege 11571 Elevation of Privilege 11930 Elevation of Privilege 11929 Elevation of Privilege 11569 Elevation of Privilege 11568 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12437 Elevation of Privilege 12099 Elevation of Privilege 12242 Elevation of Privilege 20438 Elevation of Privilege 12243 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12244 Elevation of Privilege 20437 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11924 Important 11923 Important 11572 Important 11571 Important 11930 Important 11929 Important 11569 Important 11568 Important 11931 Important 12097 Important 12098 Important 12437 Important 12099 Important 12242 Important 20438 Important 12243 Important 12389 Important 12390 Important 12244 Important 20437 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11924 11923 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11924 11923 5082142 5082142 https://support.microsoft.com/help/5082142 11924 11923 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11572 11571 11569 11568 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11572 11571 11569 11568 5082123 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11930 11929 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11930 11929 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20438 20437 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20438 20437 5083769 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 ChenJian with Sea Security Orca Team 1.0 2026-04-14T07:00:00 <p>Information published.</p> Web Account Manager Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained (&quot;sandboxed&quot;) execution environment.</p> <p>Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows File Explorer Microsoft Yes CVE-2026-32079 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows WalletService Elevation of Privilege Vulnerability <p>Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows WalletService Microsoft Yes CVE-2026-32080 Use After Free 11571 11572 11923 11924 12437 12244 12436 10816 10855 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 12437 Elevation of Privilege 12244 Elevation of Privilege 12436 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 11571 Important 11572 Important 11923 Important 11924 Important 12437 Important 12244 Important 12436 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10816 10855 5082198 <a href="https://twitter.com/hillstone_lab">Zhang WangJunJie, He YiSheng</a> with <a href="https://www.hillstonenet.com/">Hillstone Networks</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Print Spooler Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained (&quot;sandboxed&quot;) execution environment.</p> <p>Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows File Explorer Microsoft Yes CVE-2026-32084 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 David Zhu with Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32086 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Biometric Service Security Feature Bypass Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>This vulnerability could allow an attacker to bypass the Windows biometric authentication feature. A malicious biometric device could be incorrectly recognized as trusted, allowing an attacker to falsely present biometric data and potentially gain access to the device without the legitimate user's fingerprint or face.</p> Windows Biometric Service Microsoft Yes CVE-2026-32088 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Security Feature Bypass 20854 Security Feature Bypass 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20854 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20853 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11568 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11569 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11571 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11572 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11923 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11924 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11929 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11930 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 11931 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12097 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12098 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12099 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12437 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20437 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 20438 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12242 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12243 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12244 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12389 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12390 6.1 5.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C 12436 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://www.linkedin.com/in/paragmali/">Parag Mali</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Brokering File System Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain the privileges of the logged-on user.</p> Microsoft Brokering File System Microsoft Yes CVE-2026-32091 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Hyper-V Remote Code Execution Vulnerability <p>Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. The vulnerable endpoint is only available over the local VM interface as all external communication is blocked. This means an attacker needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?</strong></p> <p>An authorized attacker with privileges could send controlled inputs to exploit this vulnerability.</p> Role: Windows Hyper-V Microsoft Yes CVE-2026-32149 Improper Input Validation Integer Underflow (Wrap or Wraparound) Heap-based Buffer Overflow 20854 20853 11569 11571 11572 11923 11924 11931 12097 12437 20437 20438 12242 12243 12244 12389 12390 12436 10853 10816 10855 Remote Code Execution 20854 Remote Code Execution 20853 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Important 20854 Important 20853 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11931 Important 12097 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.3 6.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10853 10816 10855 5082198 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Function Discovery Service (fdwsd.dll) Microsoft Yes CVE-2026-32150 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Information Disclosure Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.</p> Windows Shell Microsoft Yes CVE-2026-32151 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Information Disclosure 20854 Information Disclosure 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 6.5 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Speech Runtime Elevation of Privilege Vulnerability <p>Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> Microsoft Windows Speech Microsoft Yes CVE-2026-32153 Use After Free Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11929 11930 11931 12097 12098 12099 20437 20438 12242 12243 12389 12390 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12389 Important 12390 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 5082123 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Desktop Window Manager Elevation of Privilege Vulnerability <p>Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-free vulnerability, even as a standard user.</p> Desktop Window Manager Microsoft Yes CVE-2026-32155 Use After Free 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 <a href="https://x.com/dez_">Joe Desimone</a> with Elastic Security 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows COM Elevation of Privilege Vulnerability <p>Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows COM Microsoft Yes CVE-2026-32162 Acceptance of Extraneous Untrusted Data With Trusted Data 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Faiustov Denis with GMO Cybersecurity by Ierae, Inc. Masahiro Kawada with GMO Cybersecurity by Ierae, Inc. 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> Windows User Interface Core Microsoft Yes CVE-2026-32163 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20854 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows User Interface Core Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to a contained execution environment escape. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer Isolation</a> for more information.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained (&quot;sandboxed&quot;) execution environment to a Medium Integrity Level. Please refer to <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation">AppContainer isolation</a> and <a href="https://learn.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control">Mandatory Integrity Control</a> for more information.</p> Windows User Interface Core Microsoft Yes CVE-2026-32164 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.8 6.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Azure Logic Apps Elevation of Privilege Vulnerability <p>Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain administrator privileges.</p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>An attacker could create a forged authentication token and use it to access administrative function APIs. This may allow them to retrieve keys, access the file system, and deploy unauthorized code within the Logic Apps environment.</p> <p><strong>How do customers mitigate this vulnerability?</strong></p> <p>Customers are protected through service-side (control plane) updates, which are automatically applied—there is no download, build number, or manual update required to receive the fix.</p> <p>The only exception is for existing Logic Apps that were created when WEBSITE_AUTH_ENCRYPTION_KEY was configured as an environment variable. For those existing apps, customers must make a small update (edit any environment variable) to trigger the change and fully mitigate the issue.</p> <p>New or updated Logic Apps already use a secret reference for the auth key and are automatically mitigated without any customer action.</p> Azure Logic Apps Microsoft Yes CVE-2026-32171 Insufficiently Protected Credentials 12228 Elevation of Privilege 12228 Important 12228 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12228 Nick Wojciechowski 1.0 2026-04-14T07:00:00 <p>Information published.</p> SQL Server Elevation of Privilege Vulnerability <p>Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited the vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SQL sysadmin privileges.</p> <p><strong>I am running SQL Server on my system. What action do I need to take?</strong></p> <p>Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.</p> <p><strong>There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?</strong></p> <ul> <li>First, determine your SQL Server version number. For more information on determining your SQL Server version number, see <a href="https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates">Microsoft Knowledge Base Article 321185</a> - How to determine the version, edition, and update level of SQL Server and its components.</li> <li>Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.</li> </ul> <p><strong>Note</strong> If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.</p> <table> <thead> <tr> <th>Update Number</th> <th>Title</th> <th>Version</th> <th>Apply if current product version is…</th> <th>This security update also includes servicing releases up through…</th> </tr> </thead> <tbody> <tr> <td><strong>5083245</strong></td> <td>Security update for SQL Server 2025 CU3+GDR</td> <td>17.0.4030.1</td> <td>17.0.4006.2 - 17.0.4025.3</td> <td>KB5077896 - Previous SQL2025 RTM CU3</td> </tr> <tr> <td><strong>5084814</strong></td> <td>Security update for SQL Server 2025 RTM+GDR</td> <td>17.0.1110.1</td> <td>17.0.1000.7 - 17.0.1105.2</td> <td>KB5077468 - Previous SQL2025 RTM GDR</td> </tr> <tr> <td><strong>5083252</strong></td> <td>Security update for SQL Server 2022 CU24+GDR</td> <td>16.0.4250.1</td> <td>16.0.4003.1 - 16.0.4245.2</td> <td>KB5080999 - Previous SQL2022 RTM CU24</td> </tr> <tr> <td><strong>5084815</strong></td> <td>Security update for SQL Server 2022 RTM+GDR</td> <td>16.0.1175.1</td> <td>16.0.1000.6 - 16.0.1170.5</td> <td>KB5077465 - Previous SQL2022 RTM GDR</td> </tr> <tr> <td><strong>5084816</strong></td> <td>Security update for SQL Server 2019 CU32+GDR</td> <td>15.0.4465.1</td> <td>15.0.4003.23 - 15.0.4460.4</td> <td>KB 5077469 - Previous SQL2019 RTM CU32 GDR</td> </tr> <tr> <td><strong>5084817</strong></td> <td>Security update for SQL Server 2019 RTM+GDR</td> <td>15.0.2165.1</td> <td>15.0.2000.5 - 15.0.2160.4</td> <td>KB 5077470 - Previous SQL2019 RTM GDR</td> </tr> <tr> <td><strong>5084818</strong></td> <td>Security update for SQL Server 2017 CU31+GDR</td> <td>14.0.3525.1</td> <td>14.0.3006.16 - 14.0.3520.4</td> <td>KB 5077471 - Previous SQL2017 RTM CU31 GDR</td> </tr> <tr> <td><strong>5084819</strong></td> <td>Security update for SQL Server 2017 RTM+GDR</td> <td>14.0.2105.1</td> <td>14.0.1000.169 - 14.0.2100.4</td> <td>KB 5077472 - Previous SQL2017 RTM GDR</td> </tr> <tr> <td><strong>5084820</strong></td> <td>Security update for SQL Server 2016 Azure Connect Feature Pack+GDR</td> <td>13.0.7080.1</td> <td>13.0.7000.253 - 13.0.7075.5</td> <td>KB 5077473 - Previous SQL2016 Azure Connect Feature Pack GDR</td> </tr> <tr> <td><strong>5084821</strong></td> <td>Security update for SQL Server 2016 SP3+GDR</td> <td>13.0.6485.1</td> <td>13.0.6300.2 - 13.0.6480.4</td> <td>KB 5077474 - Previous SQL2016 RTM GDR</td> </tr> </tbody> </table> <p><strong>What are the GDR and CU update designations and how do they differ?</strong></p> <p>The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.</p> <ul> <li>GDR updates – cumulatively only contain security updates for the given baseline.</li> <li>CU updates – cumulatively contain all functional fixes and security updates for the given baseline.</li> </ul> <p>For any given baseline, either the GDR or CU updates could be options (see below).</p> <ul> <li>If SQL Server installation is at a baseline version, you can choose either the GDR or CU update.</li> <li>If SQL Server installation has intentionally only installed past GDR updates, then choose to install the GDR update package.</li> <li>If SQL Server installation has intentionally installed previous CU updates, then choose to install the CU security update package.</li> </ul> <p><strong>Note:</strong> You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.</p> <p><strong>Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?</strong></p> <p>Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.</p> SQL Server Microsoft Yes CVE-2026-32176 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 21090 20748 21091 11478 11821 12048 12053 12145 12147 16785 Elevation of Privilege 21090 Elevation of Privilege 20748 Elevation of Privilege 21091 Elevation of Privilege 11478 Elevation of Privilege 11821 Elevation of Privilege 12048 Elevation of Privilege 12053 Elevation of Privilege 12145 Elevation of Privilege 12147 Elevation of Privilege 16785 Important 21090 Important 20748 Important 21091 Important 11478 Important 11821 Important 12048 Important 12053 Important 12145 Important 12147 Important 16785 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21090 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20748 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 21091 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11478 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11821 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12048 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12053 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12145 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12147 6.7 5.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 16785 5083245 https://www.microsoft.com/en-us/download/details.aspx?id=108618 21090 Maybe Security Update 17.0.4030.1 https://support.microsoft.com/help/5083245 21090 5083245 5084814 https://www.microsoft.com/en-us/download/details.aspx?id=108625 20748 Maybe Security Update 17.0.1110.1 https://support.microsoft.com/help/5084814 20748 5084814 5083252 https://www.microsoft.com/en-us/download/details.aspx?id=108620 21091 Maybe Security Update 16.0.4250.1 https://support.microsoft.com/help/5083252 21091 5083252 5084819 https://www.microsoft.com/en-us/download/details.aspx?id=108621 11478 Maybe Security Update 14.0.2105.1 https://support.microsoft.com/help/5084819 11478 5084819 5084817 https://www.microsoft.com/en-us/download/details.aspx?id=108619 11821 Maybe Security Update 15.0.2165.1 https://support.microsoft.com/help/5084817 11821 5084817 5084821 https://www.microsoft.com/en-us/download/details.aspx?id=108617 12048 Maybe Security Update 13.0.6485.1 https://support.microsoft.com/help/5084821 12048 5084821 5084820 https://www.microsoft.com/en-us/download/details.aspx?id=108624 12053 Maybe Security Update 13.0.7080.1 https://support.microsoft.com/help/5084820 12053 5084820 5084818 https://www.microsoft.com/en-us/download/details.aspx?id=108623 12145 Maybe Security Update 14.0.3525.1 https://support.microsoft.com/help/5084818 12145 5084818 5084815 https://www.microsoft.com/en-us/download/details.aspx?id=108622 12147 Maybe Security Update 16.0.1175.1 https://support.microsoft.com/help/5084815 12147 5084815 5084816 https://www.microsoft.com/en-us/download/details.aspx?id=108626 16785 Maybe Security Update 15.0.4465.1 https://support.microsoft.com/help/5084816 16785 5084816 Anon 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Office Remote Code Execution Vulnerability <p>Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>Yes, the Preview Pane is an attack vector.</p> Microsoft Office Microsoft Yes CVE-2026-32190 Use After Free 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10753 10754 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10753 Remote Code Execution 10754 Critical 11573 Critical 11574 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 12420 Critical 12421 Critical 12440 Critical 10753 Critical 10754 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10753 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10754 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002859 https://www.microsoft.com/en-us/download/details.aspx?id=108606 5002838 10753 10754 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002859 10753 10754 5002859 Anonymous Li Shuang, willJ and Guang Gong with Vulnerability Research Institute 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Admin Center Spoofing Vulnerability <p>Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?</strong></p> <p>This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>The user would have to click on a specially crafted URL to be compromised by the attacker.</p> Windows Admin Center Microsoft Yes CVE-2026-32196 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 11629 Spoofing 11629 Important 11629 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 6.1 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C 11629 Release Notes https://aka.ms/downloadwac 11629 Maybe Security Update 2.6.5.16 https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/support/release-history 11629 Release Notes <a href="https://www.linkedin.com/in/ben-zamir-401003237">Ben Zamir</a> with <a href="https://cymulate.com/">Cymulate</a> <a href="https://www.linkedin.com/in/ilan-kalendarov-4826741a0">Ilan Kalendarov</a> with <a href="https://cymulate.com/">Cymulate</a> <a href="https://www.linkedin.com/in/elad-beber-a17946184">Elad Beber</a> with <a href="https://cymulate.com/">Cymulate</a> <a href="https://www.linkedin.com/in/ruben-en/">Ruben Enkaoua</a> with <a href="https://cymulate.com/">Cymulate</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32197 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 wh1tc@Kunlun lab&amp; devoke &amp; Zhiniang Peng with HUST 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32198 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 <a href="https://x.com/dnpushme">f4 &amp; Zhiniang Peng with HUST</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Excel Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must send a user a malicious Office file and convince them to open it.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> Microsoft Office Excel Microsoft Yes CVE-2026-32199 Use After Free 10836 11573 11574 11762 11763 11951 11952 11953 12420 12421 12440 10739 10740 Remote Code Execution 10836 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Remote Code Execution 10739 Remote Code Execution 10740 Important 10836 Important 11573 Important 11574 Important 11762 Important 11763 Important 11951 Important 11952 Important 11953 Important 12420 Important 12421 Important 12440 Important 10739 Important 10740 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10836 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10739 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10740 5002855 https://www.microsoft.com/en-us/download/details.aspx?id=108613 5002846 10836 Maybe Security Update 16.0.10417.20113 https://support.microsoft.com/help/5002846 10836 5002855 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes 5002860 https://www.microsoft.com/en-us/download/details.aspx?id=108609 5002849 10739 10740 Maybe Security Update 16.0.5548.1000 https://support.microsoft.com/help/5002860 10739 10740 5002860 Haifei Li with <a href="https://pub.expmon.com/">EXPMON</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft PowerPoint Remote Code Execution Vulnerability <p>Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>How could an attacker exploit the vulnerability?</strong></p> <p>An attacker who successfully exploits this vulnerability could achieve remote code execution without user interaction.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>No, the Preview Pane is not an attack vector.</p> Microsoft Office PowerPoint Microsoft Yes CVE-2026-32200 Use After Free 11573 11574 11762 11763 11952 11953 12420 12421 10741 10742 Remote Code Execution 11573 Remote Code Execution 11574 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 10741 Remote Code Execution 10742 Important 11573 Important 11574 Important 11762 Important 11763 Important 11952 Important 11953 Important 12420 Important 12421 Important 10741 Important 10742 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11573 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11574 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10741 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10742 Click to Run 11573 11574 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates 11573 11574 11762 11763 11952 11953 12420 12421 Click to Run 5002808 https://www.microsoft.com/en-us/download/details.aspx?id=108610 5002790 10741 10742 Maybe Security Update 16.0.5548.1001 https://support.microsoft.com/help/5002808 10741 10742 5002808 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft SharePoint Server Spoofing Vulnerability <p>Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> Microsoft Office SharePoint Microsoft Yes CVE-2026-32201 Improper Input Validation 10950 11585 11961 Spoofing 10950 Spoofing 11585 Spoofing 11961 Important 10950 Important 11585 Important 11961 Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C 10950 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C 11585 6.5 6.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C 11961 5002861 https://www.microsoft.com/en-us/download/details.aspx?id=108611 5002850 10950 Maybe Security Update 16.0.5548.1003 https://support.microsoft.com/help/5002861 10950 5002861 5002854 https://www.microsoft.com/en-us/download/details.aspx?id=108608 5002845 11585 Maybe Security Update 16.0.10417.20114 https://support.microsoft.com/help/5002854 11585 5002854 5002853 https://www.microsoft.com/en-us/download/details.aspx?id=108607 5002843 11961 Maybe Security Update 16.0.19725.20210 https://support.microsoft.com/help/5002853 11961 5002853 Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> 1.1 2026-04-14T07:00:00 <p>Added an acknowledgement. This is an informational change only.</p> .NET Denial of Service Vulnerability <p>Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.</p> .NET Microsoft Yes CVE-2026-26171 Uncontrolled Resource Consumption Improper Restriction of XML External Entity Reference 20839 12414 20838 12415 12416 12432 12434 12433 20837 Denial of Service 20839 Denial of Service 12414 Denial of Service 20838 Denial of Service 12415 Denial of Service 12416 Denial of Service 12432 Denial of Service 12434 Denial of Service 12433 Denial of Service 20837 Important 20839 Important 12414 Important 20838 Important 12415 Important 12416 Important 12432 Important 12434 Important 12433 Important 20837 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12434 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12433 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20837 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20839 20838 20837 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20839 20838 20837 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12414 12415 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12414 12415 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12434 12433 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12434 12433 5086097 Ludvig Pedersen Ludvig Pedersen 1.0 2026-04-14T07:00:00 <p>Information published.</p> .NET and Visual Studio Denial of Service Vulnerability <p>Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.</p> .NET and Visual Studio Microsoft Yes CVE-2026-32203 Stack-based Buffer Overflow Improper Input Validation 12459 16767 20837 20838 20839 12414 12415 12416 12432 12433 12434 Denial of Service 12459 Denial of Service 16767 Denial of Service 20837 Denial of Service 20838 Denial of Service 20839 Denial of Service 12414 Denial of Service 12415 Denial of Service 12416 Denial of Service 12432 Denial of Service 12433 Denial of Service 12434 Important 12459 Important 16767 Important 20837 Important 20838 Important 20839 Important 12414 Important 12415 Important 12416 Important 12432 Important 12433 Important 12434 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12459 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 16767 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20837 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20838 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 20839 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12414 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12415 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12416 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12432 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12433 7.5 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C 12434 Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.12 12459 Maybe Security Update 17.12.19 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 12459 Release Notes Release Notes https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.14 16767 Maybe Security Update 17.14.30 https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes 16767 Release Notes 5086095 https://dotnet.microsoft.com/download/dotnet/10.0 20837 20838 20839 Maybe Security Update 10.0.6 https://support.microsoft.com/help/5086095 20837 20838 20839 5086095 5086096 https://dotnet.microsoft.com/download/dotnet/8.0 12414 12415 12416 Maybe Security Update 8.0.26 https://support.microsoft.com/help/5086096 12414 12415 12416 5086096 5086097 https://dotnet.microsoft.com/download/dotnet/9.0 12432 12433 12434 Maybe Security Update 9.0.15 https://support.microsoft.com/help/5086097 12432 12433 12434 5086097 Ludvig Pedersen <a href="https://github.com/vcsjones">vcsjones</a> with GitHub 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Shell Security Feature Bypass Vulnerability <p>Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.</p> <p><strong>What kind of security feature could be bypassed by successfully exploiting this vulnerability?</strong></p> <p>This vulnerability could allow an attacker to bypass SmartScreen protections that rely on the Mark of the Web (MotW) to identify files originating from the internet.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could exploit this issue by convincing a user to open a specially crafted .lnk file delivered through email, a website download, or removable media. When opened, the shortcut causes Windows to launch commands or Control Panel applets without proper MotW handling, potentially allowing arbitrary command execution or loading attacker‑controlled DLLs.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>To successfully exploit this vulnerability, an attacker must convince a user to open a malicious link or shortcut file.</p> Windows Shell Microsoft Yes CVE-2026-32225 Protection Mechanism Failure 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 20854 20853 Security Feature Bypass 11568 Security Feature Bypass 11569 Security Feature Bypass 11571 Security Feature Bypass 11572 Security Feature Bypass 11923 Security Feature Bypass 11924 Security Feature Bypass 11929 Security Feature Bypass 11930 Security Feature Bypass 11931 Security Feature Bypass 12097 Security Feature Bypass 12098 Security Feature Bypass 12099 Security Feature Bypass 12437 Security Feature Bypass 20437 Security Feature Bypass 20438 Security Feature Bypass 12242 Security Feature Bypass 12243 Security Feature Bypass 12244 Security Feature Bypass 12389 Security Feature Bypass 12390 Security Feature Bypass 12436 Security Feature Bypass 10852 Security Feature Bypass 10853 Security Feature Bypass 10816 Security Feature Bypass 10855 Security Feature Bypass 10378 Security Feature Bypass 10379 Security Feature Bypass 10483 Security Feature Bypass 10543 Security Feature Bypass 20854 Security Feature Bypass 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.8 7.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 Jeong Lee with <a href="https://www.microsoft.com/">Microsoft</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-33099 Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 20437 20438 12242 12243 12244 12389 12390 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability <p>Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Ancillary Function Driver for WinSock Microsoft Yes CVE-2026-33100 Use After Free 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 20854 Elevation of Privilege 20853 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous working with TrendAI Zero Day Initiative Anonymous working with TrendAI Zero Day Initiative 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Print Spooler Elevation of Privilege Vulnerability <p>Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Print Spooler Components Microsoft Yes CVE-2026-33101 Use After Free 12437 20437 20438 12244 12389 12390 12436 20854 20853 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20854 Elevation of Privilege 20853 Important 12437 Important 20437 Important 20438 Important 12244 Important 12389 Important 12390 Important 12436 Important 20854 Important 20853 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.8 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 <a href="https://x.com/zeifan">Nafiez</a> with <a href="https://zeifan.my/">NLab Security</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability <p>Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.</p> Microsoft Dynamics 365 (on-premises) Microsoft Yes CVE-2026-33103 Improper Access Control 11664 Information Disclosure 11664 Important 11664 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11664 5078943 https://www.microsoft.com/en-us/download/details.aspx?id=108455 11664 Maybe Security Update 9.1.0044.0015 https://support.microsoft.com/help/5078943 11664 5078943 <a href="https://twitter.com/hoangnx99">Hoangnx and hoangha</a> with <a href="https://lab.viettelcybersecurity.com/">VCSLab of Viettel Cyber Security</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Win32k Elevation of Privilege Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition.</p> <p><strong>What privileges could be gained by an attacker who successfully exploited this vulnerability?</strong></p> <p>An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.</p> Windows Win32K - GRFX Microsoft Yes CVE-2026-33104 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Use After Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 10378 10379 10483 10543 Elevation of Privilege 11568 Elevation of Privilege 11569 Elevation of Privilege 11571 Elevation of Privilege 11572 Elevation of Privilege 11923 Elevation of Privilege 11924 Elevation of Privilege 11929 Elevation of Privilege 11930 Elevation of Privilege 11931 Elevation of Privilege 12097 Elevation of Privilege 12098 Elevation of Privilege 12099 Elevation of Privilege 12437 Elevation of Privilege 20437 Elevation of Privilege 20438 Elevation of Privilege 12242 Elevation of Privilege 12243 Elevation of Privilege 12244 Elevation of Privilege 12389 Elevation of Privilege 12390 Elevation of Privilege 12436 Elevation of Privilege 20853 Elevation of Privilege 20854 Elevation of Privilege 10852 Elevation of Privilege 10853 Elevation of Privilege 10816 Elevation of Privilege 10855 Elevation of Privilege 10378 Elevation of Privilege 10379 Elevation of Privilege 10483 Elevation of Privilege 10543 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 20853 Important 20854 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 7.0 6.1 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Marcin Wiazowski working with <a href="https://www.zerodayinitiative.com/">TrendAI Zero Day Initiative</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>Yes, the Preview Pane is an attack vector.</p> Microsoft Office Word Microsoft Yes CVE-2026-33114 Untrusted Pointer Dereference 11762 11763 11951 11952 11953 12420 12421 12440 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 12420 Critical 12421 Critical 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes tiebuchen 1.0 2026-04-14T07:00:00 <p>Information published.</p> Microsoft Word Remote Code Execution Vulnerability <p>Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.</p> <p><strong>According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?</strong></p> <p>The word <strong>Remote</strong> in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.</p> <p><strong>Is the Preview Pane an attack vector for this vulnerability?</strong></p> <p>Yes, the Preview Pane is an attack vector.</p> Microsoft Office Word Microsoft Yes CVE-2026-33115 Use After Free 11762 11763 11951 11952 11953 12420 12421 12440 Remote Code Execution 11762 Remote Code Execution 11763 Remote Code Execution 11951 Remote Code Execution 11952 Remote Code Execution 11953 Remote Code Execution 12420 Remote Code Execution 12421 Remote Code Execution 12440 Critical 11762 Critical 11763 Critical 11951 Critical 11952 Critical 11953 Critical 12420 Critical 12421 Critical 12440 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11762 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11763 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11951 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11952 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11953 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12420 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12421 8.4 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12440 Click to Run 11762 11763 11952 11953 12420 12421 No Security Update https://aka.ms/OfficeSecurityReleases https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates 11762 11763 11952 11953 12420 12421 Click to Run Release Notes https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Maybe Security Update 16.108.26041219 https://go.microsoft.com/fwlink/p/?linkid=831049 11951 12440 Release Notes <a href="https://linkedin.com/in/ghirmay">Ghirmay Desta</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5292 Out of bounds read in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5292 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5291 Inappropriate implementation in WebGL <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5291 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:56 <p>Information published.</p> Chromium: CVE-2026-5290 Use after free in Compositing <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5290 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:55 <p>Information published.</p> Chromium: CVE-2026-5277 Integer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5277 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:46 <p>Information published.</p> Chromium: CVE-2026-5276 Insufficient policy enforcement in WebUSB <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5276 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:45 <p>Information published.</p> Chromium: CVE-2026-5275 Heap buffer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5275 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:44 <p>Information published.</p> Chromium: CVE-2026-5274 Integer overflow in Codecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5274 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:43 <p>Information published.</p> Chromium: CVE-2026-5273 Use after free in CSS <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5273 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:42 <p>Information published.</p> Chromium: CVE-2026-5272 Heap buffer overflow in GPU <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>146.0.3856.97</td> <td>04/02/2026</td> <td>146.0.7680.178</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5272 11655 11655 11655 Release Notes 11655 No Security Update 146.0.3856.97 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-02T18:46:41 <p>Information published.</p> Windows TCP/IP Remote Code Execution Vulnerability <p>Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.</p> <p><strong>According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?</strong></p> <p>Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine.</p> Windows TCP/IP Microsoft Yes CVE-2026-33827 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 10378 10379 10483 10543 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 20853 Remote Code Execution 20854 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Remote Code Execution 10378 Remote Code Execution 10379 Remote Code Execution 10483 Remote Code Execution 10543 Critical 11568 Critical 11569 Critical 11571 Critical 11572 Critical 11923 Critical 11924 Critical 11929 Critical 11930 Critical 11931 Critical 12097 Critical 12098 Critical 12099 Critical 12437 Critical 20437 Critical 20438 Critical 12242 Critical 12243 Critical 12244 Critical 12389 Critical 12390 Critical 12436 Critical 20853 Critical 20854 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Critical 10378 Critical 10379 Critical 10483 Critical 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10378 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10379 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10483 8.1 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 WARP & MORSE team at Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability <p>Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An unauthenticated attacker could send specially crafted packets to a Windows machine with Internet Key Exchange (IKE) version 2 enabled, which could enable remote code execution.</p> Windows IKE Extension Microsoft Yes CVE-2026-33824 Double Free 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 Remote Code Execution 11568 Remote Code Execution 11569 Remote Code Execution 11571 Remote Code Execution 11572 Remote Code Execution 11923 Remote Code Execution 11924 Remote Code Execution 11929 Remote Code Execution 11930 Remote Code Execution 11931 Remote Code Execution 12097 Remote Code Execution 12098 Remote Code Execution 12099 Remote Code Execution 12437 Remote Code Execution 20437 Remote Code Execution 20438 Remote Code Execution 12242 Remote Code Execution 12243 Remote Code Execution 12244 Remote Code Execution 12389 Remote Code Execution 12390 Remote Code Execution 12436 Remote Code Execution 20853 Remote Code Execution 20854 Remote Code Execution 10852 Remote Code Execution 10853 Remote Code Execution 10816 Remote Code Execution 10855 Critical 11568 Critical 11569 Critical 11571 Critical 11572 Critical 11923 Critical 11924 Critical 11929 Critical 11930 Critical 11931 Critical 12097 Critical 12098 Critical 12099 Critical 12437 Critical 20437 Critical 20438 Critical 12242 Critical 12243 Critical 12244 Critical 12389 Critical 12390 Critical 12436 Critical 20853 Critical 20854 Critical 10852 Critical 10853 Critical 10816 Critical 10855 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11568 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11569 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11571 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11572 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11923 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11924 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11929 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11930 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 11931 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12097 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12098 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12099 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12437 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20437 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20438 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12242 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12243 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12244 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12389 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12390 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 12436 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20853 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 20854 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10852 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10853 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10816 9.8 8.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C 10855 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 <p>The following <a href="https://technet.microsoft.com/library/security/dn848375.aspx#Mitigation">mitigating factors</a> might be helpful in your situation:</p> <p>Customers who cannot immediately install the security update can take one of the following actions, depending on their environment:</p> <ul> <li>Block inbound traffic on UDP ports 500 and 4500 for systems that do not use IKE.</li> <li>For systems that require IKE, configure firewall rules to allow inbound traffic on UDP ports 500 and 4500 only from known peer addresses.</li> </ul> <p><em><strong>These actions reduce the attack surface but do not replace installing the security update when it becomes available.</strong></em></p> WARP & MORSE team at Microsoft WARP & MORSE team at Microsoft 1.0 2026-04-14T07:00:00 <p>Information published.</p> Windows Snipping Tool Spoofing Vulnerability <p>Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker must induce the user into launching a crafted malicious link and confirming the launch of the Snipping Tool program.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>How could an attacker exploit this vulnerability?</strong></p> <p>An attacker could induce the user into clicking a specially crafted link in a Web browser or other URL source, by embedding it in a Web page or email message. If the user approves the launching of the link, the crafted URL can induce the computer to connect to an SMB server of the attacker’s choosing, which would disclose the user’s NTLMv2 hash to the attacker, who could use this to authenticate as the user.</p> Windows Snipping Tool Microsoft Yes CVE-2026-33829 Exposure of Sensitive Information to an Unauthorized Actor 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 20853 20854 10852 10853 10816 10855 10378 10379 10483 10543 Spoofing 11568 Spoofing 11569 Spoofing 11571 Spoofing 11572 Spoofing 11923 Spoofing 11924 Spoofing 11929 Spoofing 11930 Spoofing 11931 Spoofing 12097 Spoofing 12098 Spoofing 12099 Spoofing 12437 Spoofing 20437 Spoofing 20438 Spoofing 12242 Spoofing 12243 Spoofing 12244 Spoofing 12389 Spoofing 12390 Spoofing 12436 Spoofing 20853 Spoofing 20854 Spoofing 10852 Spoofing 10853 Spoofing 10816 Spoofing 10855 Spoofing 10378 Spoofing 10379 Spoofing 10483 Spoofing 10543 Moderate 11568 Moderate 11569 Moderate 11571 Moderate 11572 Moderate 11923 Moderate 11924 Moderate 11929 Moderate 11930 Moderate 11931 Moderate 12097 Moderate 12098 Moderate 12099 Moderate 12437 Moderate 20437 Moderate 20438 Moderate 12242 Moderate 12243 Moderate 12244 Moderate 12389 Moderate 12390 Moderate 12436 Moderate 20853 Moderate 20854 Moderate 10852 Moderate 10853 Moderate 10816 Moderate 10855 Moderate 10378 Moderate 10379 Moderate 10483 Moderate 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11568 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11569 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11571 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11572 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11923 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11924 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11929 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11930 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11931 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12097 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12098 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12099 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12437 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20437 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20438 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12242 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12243 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12244 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12389 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12390 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 12436 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20853 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 20854 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10852 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10853 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10816 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10855 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10378 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10379 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10483 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 10543 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20853 20854 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20853 20854 5083768 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 <a href="https://www.linkedin.com/in/mdiazcast/">Marcos D&#237;az</a> with <a href="https://www.tarlogic.com/blackarrow/">Blackarrow (Tarlogic)</a> 1.0 2026-04-14T07:00:00 <p>Information published.</p> Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability <p>Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.</p> <p><strong>What type of information could be disclosed by this vulnerability?</strong></p> <p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is file content.</p> Universal Plug and Play (upnp.dll) Microsoft Yes CVE-2026-32214 Improper Access Control 20854 20853 11568 11569 11571 11572 11923 11924 11929 11930 11931 12097 12098 12099 12437 20437 20438 12242 12243 12244 12389 12390 12436 10852 10853 10816 10855 10378 10379 10483 10543 Information Disclosure 20854 Information Disclosure 20853 Information Disclosure 11568 Information Disclosure 11569 Information Disclosure 11571 Information Disclosure 11572 Information Disclosure 11923 Information Disclosure 11924 Information Disclosure 11929 Information Disclosure 11930 Information Disclosure 11931 Information Disclosure 12097 Information Disclosure 12098 Information Disclosure 12099 Information Disclosure 12437 Information Disclosure 20437 Information Disclosure 20438 Information Disclosure 12242 Information Disclosure 12243 Information Disclosure 12244 Information Disclosure 12389 Information Disclosure 12390 Information Disclosure 12436 Information Disclosure 10852 Information Disclosure 10853 Information Disclosure 10816 Information Disclosure 10855 Information Disclosure 10378 Information Disclosure 10379 Information Disclosure 10483 Information Disclosure 10543 Important 20854 Important 20853 Important 11568 Important 11569 Important 11571 Important 11572 Important 11923 Important 11924 Important 11929 Important 11930 Important 11931 Important 12097 Important 12098 Important 12099 Important 12437 Important 20437 Important 20438 Important 12242 Important 12243 Important 12244 Important 12389 Important 12390 Important 12436 Important 10852 Important 10853 Important 10816 Important 10855 Important 10378 Important 10379 Important 10483 Important 10543 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20854 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11568 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11569 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11571 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11572 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11923 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11924 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11929 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11930 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 11931 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12097 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12098 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12099 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20437 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 20438 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12242 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12243 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12244 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12389 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12390 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 12436 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10852 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10853 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10816 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10855 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10378 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10379 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10483 5.5 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C 10543 5083768 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083768 5079466 20854 20853 Yes Security Update 10.0.28000.1836 https://support.microsoft.com/help/5083768 20854 20853 5083768 5082123 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082123 5078752 11568 11569 11571 11572 Yes Security Update 10.0.17763.8644 https://support.microsoft.com/help/5082123 11568 11569 11571 11572 5082123 5082142 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082142 5078766 11923 11924 Yes Security Update 10.0.20348.5020 https://support.microsoft.com/help/5082142 11923 11924 5082142 5082142 https://support.microsoft.com/help/5082142 11923 11924 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 11929 11930 11931 Yes Security Update 10.0.19044.7184 https://support.microsoft.com/help/5082200 11929 11930 11931 5082200 5082200 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082200 5078885 12097 12098 12099 Yes Security Update 10.0.19045.7184 https://support.microsoft.com/help/5082200 12097 12098 12099 5082200 5082063 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082063 5078740 12437 12436 Yes Security Update 10.0.26100.32690 https://support.microsoft.com/help/5082063 12437 12436 5082063 5082063 https://support.microsoft.com/help/5082063 12437 12436 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5079473 20437 20438 Yes Security Update 10.0.26200.8246 https://support.microsoft.com/help/5083769 20437 20438 5083769 5082052 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082052 5078883 12242 12243 Yes Security Update 10.0.22631.6936 https://support.microsoft.com/help/5082052 12242 12243 5082052 5082060 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082060 5078734 12244 Yes Security Update 10.0.25398.2274 https://support.microsoft.com/help/5082060 12244 5082060 5082060 https://support.microsoft.com/help/5082060 12244 5083769 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5083769 5078740 12389 12390 Yes Security Update 10.0.26100.8246 https://support.microsoft.com/help/5083769 12389 12390 5083769 5082198 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082198 5078938 10852 10853 10816 10855 Yes Security Update 10.0.14393.9060 https://support.microsoft.com/help/5082198 10852 10853 10816 10855 5082198 5082127 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082127 5078775 10378 10379 Yes Monthly Rollup 6.2.9200.26026 https://support.microsoft.com/help/5082127 10378 10379 5082127 5082126 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082126 5078774 10483 10543 Yes Monthly Rollup 6.3.9600.23132 https://support.microsoft.com/help/5082126 10483 10543 5082126 Anonymous 1.0 2026-04-14T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5899 Incorrect security UI in History Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5899 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:48 <p>Information published.</p> Microsoft Edge (Chromium-based) Spoofing Vulnerability <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (I:N)? What does that mean for this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>An attacker would have to send the victim a malicious file that the victim would have to execute.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2026-33118 User Interface (UI) Misrepresentation of Critical Information 11655 Spoofing 11655 Low 11655 Publicly Disclosed:No;Exploited:No 4.3 3.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes nakanoou 1.0 2026-04-10T07:00:00 <p>Information published.</p> Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability <p>User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.</p> <p><strong>According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?</strong></p> <p>An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).</p> <p><strong>According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?</strong></p> <p>Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. * In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.</p> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Microsoft Yes CVE-2026-33119 User Interface (UI) Misrepresentation of Critical Information 11815 Spoofing 11815 Moderate 11815 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unlikely 5.4 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C 11815 Release Notes 11815 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11815 Release Notes <a href="https://twitter.com/renwax23">Renwa (@RenwaX23)</a> <a href="https://www.linkedin.com/in/jodyritonga/">Jody Ritonga</a> with test 1.0 2026-04-10T07:00:00 <p>Information published.</p> Chromium: CVE-2026-5896 Policy bypass in Audio <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5896 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:45 <p>Information published.</p> Chromium: CVE-2026-5897 Incorrect security UI in Downloads <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5897 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:46 <p>Information published.</p> Chromium: CVE-2026-5898 Incorrect security UI in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5898 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:47 <p>Information published.</p> Chromium: CVE-2026-5894 Inappropriate implementation in PDF <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5894 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:43 <p>Information published.</p> Chromium: CVE-2026-5895 Incorrect security UI in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5895 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:44 <p>Information published.</p> Chromium: CVE-2026-5889 Cryptographic Flaw in PDFium <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5889 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:38 <p>Information published.</p> Chromium: CVE-2026-5892 Insufficient policy enforcement in PWAs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5892 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:41 <p>Information published.</p> Chromium: CVE-2026-5890 Race in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5890 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:39 <p>Information published.</p> Chromium: CVE-2026-5893 Race in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5893 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:42 <p>Information published.</p> Chromium: CVE-2026-5884 Insufficient validation of untrusted input in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5884 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:33 <p>Information published.</p> Chromium: CVE-2026-5887 Insufficient validation of untrusted input in Downloads <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5887 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:36 <p>Information published.</p> Chromium: CVE-2026-5883 Use after free in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5883 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:32 <p>Information published.</p> Chromium: CVE-2026-5879 Insufficient validation of untrusted input in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5879 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:28 <p>Information published.</p> Chromium: CVE-2026-5885 Insufficient validation of untrusted input in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5885 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:34 <p>Information published.</p> Chromium: CVE-2026-5891 Insufficient policy enforcement in browser UI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5891 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:40 <p>Information published.</p> Chromium: CVE-2026-5881 Policy bypass in LocalNetworkAccess <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5881 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:30 <p>Information published.</p> Chromium: CVE-2026-5878 Incorrect security UI in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5878 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:27 <p>Information published.</p> Chromium: CVE-2026-5877 Use after free in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5877 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:26 <p>Information published.</p> Chromium: CVE-2026-5888 Uninitialized Use in WebCodecs <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5888 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:37 <p>Information published.</p> Chromium: CVE-2026-5874 Use after free in PrivateAI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5874 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:23 <p>Information published.</p> Chromium: CVE-2026-5886 Out of bounds read in WebAudio <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5886 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:35 <p>Information published.</p> Chromium: CVE-2026-5876 Side-channel information leakage in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5876 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:25 <p>Information published.</p> Chromium: CVE-2026-5872 Use after free in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5872 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:21 <p>Information published.</p> Chromium: CVE-2026-5875 Policy bypass in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5875 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:24 <p>Information published.</p> Chromium: CVE-2026-5873 Out of bounds read and write in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5873 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:22 <p>Information published.</p> Chromium: CVE-2026-5871 Type Confusion in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5871 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:20 <p>Information published.</p> Chromium: CVE-2026-5867 Heap buffer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5867 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:16 <p>Information published.</p> Chromium: CVE-2026-5868 Heap buffer overflow in ANGLE <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5868 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:17 <p>Information published.</p> Chromium: CVE-2026-5866 Use after free in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5866 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:15 <p>Information published.</p> Chromium: CVE-2026-5869 Heap buffer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5869 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:18 <p>Information published.</p> Chromium: CVE-2026-5864 Heap buffer overflow in WebAudio <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5864 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:13 <p>Information published.</p> Chromium: CVE-2026-5861 Use after free in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5861 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:10 <p>Information published.</p> Chromium: CVE-2026-5862 Inappropriate implementation in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5862 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:11 <p>Information published.</p> Chromium: CVE-2026-5860 Use after free in WebRTC <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5860 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:09 <p>Information published.</p> Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5919 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:06 <p>Information published.</p> Chromium: CVE-2026-5858 Heap buffer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5858 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:05 <p>Information published.</p> Chromium: CVE-2026-5859 Integer overflow in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5859 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:08 <p>Information published.</p> Chromium: CVE-2026-5918 Inappropriate implementation in Navigation <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5918 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:05 <p>Information published.</p> Chromium: CVE-2026-5863 Inappropriate implementation in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5863 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:12 <p>Information published.</p> Chromium: CVE-2026-5913 Out of bounds read in Blink <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5913 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:02 <p>Information published.</p> Chromium: CVE-2026-5912 Integer overflow in WebRTC <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5912 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:01 <p>Information published.</p> Chromium: CVE-2026-5914 Type Confusion in CSS <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5914 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:03 <p>Information published.</p> Chromium: CVE-2026-5865 Type Confusion in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5865 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:14 <p>Information published.</p> Chromium: CVE-2026-5870 Integer overflow in Skia <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5870 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:18 <p>Information published.</p> Chromium: CVE-2026-5915 Insufficient validation of untrusted input in WebML <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5915 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:04 <p>Information published.</p> Chromium: CVE-2026-5908 Integer overflow in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5908 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:57 <p>Information published.</p> Chromium: CVE-2026-5909 Integer overflow in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5909 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:58 <p>Information published.</p> Chromium: CVE-2026-5905 Incorrect security UI in Permissions <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5905 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:54 <p>Information published.</p> Chromium: CVE-2026-5911 Policy bypass in ServiceWorkers <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5911 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:32:00 <p>Information published.</p> Chromium: CVE-2026-5906 Incorrect security UI in Omnibox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5906 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:55 <p>Information published.</p> Chromium: CVE-2026-5907 Insufficient data validation in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5907 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:56 <p>Information published.</p> Chromium: CVE-2026-5901 Policy bypass in DevTools <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5901 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:50 <p>Information published.</p> Chromium: CVE-2026-5904 Use after free in V8 <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5904 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:53 <p>Information published.</p> Chromium: CVE-2026-5910 Integer overflow in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5910 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:59 <p>Information published.</p> Chromium: CVE-2026-5900 Policy bypass in Downloads <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5900 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:49 <p>Information published.</p> Chromium: CVE-2026-5903 Policy bypass in IFrameSandbox <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5903 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:52 <p>Information published.</p> Chromium: CVE-2026-5902 Race in Media <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5902 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:51 <p>Information published.</p> Chromium: CVE-2026-5882 Incorrect security UI in Fullscreen <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5882 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:31 <p>Information published.</p> Chromium: CVE-2026-5880 Incorrect security UI in browser UI <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026">Google Chrome Releases</a> for more information.</p> <p><strong>Why is this Chrome CVE included in the Security Update Guide?</strong></p> <p>The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.</p> <p><strong>How can I see the version of the browser?</strong></p> <ol> <li>In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window</li> <li>Click on <strong>Help and Feedback</strong></li> <li>Click on <strong>About Microsoft Edge</strong></li> </ol> <p><strong>What is the version information for this release?</strong></p> <table> <thead> <tr> <th>Microsoft Edge Version</th> <th>Date Released</th> <th>Based on Chromium Version</th> </tr> </thead> <tbody> <tr> <td>147.0.3912.60</td> <td>04/10/2026</td> <td>147.0.7727.55/.56</td> </tr> </tbody> </table> Microsoft Edge (Chromium-based) Chrome Yes CVE-2026-5880 11655 11655 11655 Release Notes 11655 No Security Update 147.0.3912.60 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security 11655 Release Notes 1.0 2026-04-10T17:31:29 <p>Information published.</p> .NET Framework Denial of Service Vulnerability <p>Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.</p> .NET Framework Microsoft Yes CVE-2026-23666 Improper Handling of Exceptional Conditions 11650-10852 11650-10853 11650-10378 11650-10379 11650-10483 11650-10543 11676-11568 11676-11569 11676-11570 11676-11923 11676-11924 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 11677-11568 11677-11569 11677-11570 11863-10378 11863-10379 11863-10483 11863-10543 12079-11923 12079-11924 12079-11929 12079-11930 12079-11931 12079-12085 12079-12086 12079-12097 12079-12098 12079-12099 12079-20437 12079-20438 12079-12242 12079-12243 12079-12244 12079-12389 12079-12390 2472-10378 2472-10379 2472-10483 2472-10543 12079-12437 12079-20853 12079-12436 12079-20854 Denial of Service 11650-10852 Denial of Service 11650-10853 Denial of Service 11650-10378 Denial of Service 11650-10379 Denial of Service 11650-10483 Denial of Service 11650-10543 Denial of Service 11676-11568 Denial of Service 11676-11569 Denial of Service 11676-11570 Denial of Service 11676-11923 Denial of Service 11676-11924 Denial of Service 11676-11929 Denial of Service 11676-11930 Denial of Service 11676-11931 Denial of Service 11676-12097 Denial of Service 11676-12098 Denial of Service 11676-12099 Denial of Service 11677-11568 Denial of Service 11677-11569 Denial of Service 11677-11570 Denial of Service 11863-10378 Denial of Service 11863-10379 Denial of Service 11863-10483 Denial of Service 11863-10543 Denial of Service 12079-11923 Denial of Service 12079-11924 Denial of Service 12079-11929 Denial of Service 12079-11930 Denial of Service 12079-11931 Denial of Service 12079-12085 Denial of Service 12079-12086 Denial of Service 12079-12097 Denial of Service 12079-12098 Denial of Service 12079-12099 Denial of Service 12079-20437 Denial of Service 12079-20438 Denial of Service 12079-12242 Denial of Service 12079-12243 Denial of Service 12079-12244 Denial of Service 12079-12389 Denial of Service 12079-12390 Denial of Service 2472-10378 Denial of Service 2472-10379 Denial of Service 2472-10483 Denial of Service 2472-10543 Denial of Service 12079-12437 Denial of Service 12079-20853 Denial of Service 12079-12436 Denial of Service 12079-20854 Critical 11650-10852 Critical 11650-10853 Critical 11650-10378 Critical 11650-10379 Critical 11650-10483 Critical 11650-10543 Critical 11676-11568 Critical 11676-11569 Critical 11676-11570 Critical 11676-11923 Critical 11676-11924 Critical 11676-11929 Critical 11676-11930 Critical 11676-11931 Critical 11676-12097 Critical 11676-12098 Critical 11676-12099 Critical 11677-11568 Critical 11677-11569 Critical 11677-11570 Critical 11863-10378 Critical 11863-10379 Critical 11863-10483 Critical 11863-10543 Critical 12079-11923 Critical 12079-11924 Critical 12079-11929 Critical 12079-11930 Critical 12079-11931 Critical 12079-12085 Critical 12079-12086 Critical 12079-12097 Critical 12079-12098 Critical 12079-12099 Critical 12079-20437 Critical 12079-20438 Critical 12079-12242 Critical 12079-12243 Critical 12079-12244 Critical 12079-12389 Critical 12079-12390 Critical 2472-10378 Critical 2472-10379 Critical 2472-10483 Critical 2472-10543 Critical 12079-12437 Critical 12079-20853 Critical 12079-12436 Critical 12079-20854 Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10852 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10853 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11650-10543 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11568 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11569 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11570 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11923 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11924 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11929 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11930 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-11931 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-12097 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-12098 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11676-12099 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11677-11568 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11677-11569 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11677-11570 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 11863-10543 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11923 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11924 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11929 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11930 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-11931 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12085 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12086 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12097 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12098 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12099 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20437 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20438 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12242 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12243 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12244 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12389 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12390 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10378 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10379 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10483 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 2472-10543 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12437 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20853 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-12436 7.5 6.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C 12079-20854 5082411 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082411 11650-10852 11650-10853 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082411 11650-10852 11650-10853 5082411 5082403 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082403 11650-10378 11650-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082403 11650-10378 11650-10379 5082403 5082404 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082404 11650-10483 11650-10543 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082404 11650-10483 11650-10543 5082404 5082414 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082414 11676-11568 11676-11569 11676-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.8.4801.0 https://support.microsoft.com/help/5082414 11676-11568 11676-11569 11676-11570 5082414 5082427 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082427 11676-11923 11676-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082427 11676-11923 11676-11924 5082427 5082426 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.4801.0 https://support.microsoft.com/help/5082426 11676-11929 11676-11930 11676-11931 11676-12097 11676-12098 11676-12099 5082426 5082413 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082413 11677-11568 11677-11569 11677-11570 Maybe Security Update 2.0.50727.9068 & 3.0.30729.9065 & 4.7.4141.0 https://support.microsoft.com/help/5082413 11677-11568 11677-11569 11677-11570 5082413 5082400 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082400 11863-10378 11863-10379 Maybe Security Update 4.8.4801.0 https://support.microsoft.com/help/5082400 11863-10378 11863-10379 5082400 5082402 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082402 11863-10483 11863-10543 Maybe Security Update 4.7.4141.0 https://support.microsoft.com/help/5082402 11863-10483 11863-10543 5082402 5082425 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082425 12079-11923 12079-11924 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082425 12079-11923 12079-11924 5082425 5082419 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082419 12079-11929 12079-11930 12079-11931 12079-12097 12079-12098 12079-12099 5082419 5082424 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082424 12079-12085 12079-12086 12079-12242 12079-12243 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082424 12079-12085 12079-12086 12079-12242 12079-12243 5082424 5082417 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082417 12079-20437 12079-20438 12079-12437 12079-12436 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082417 12079-20437 12079-20438 12079-12437 12079-12436 5082417 5082418 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082418 12079-12244 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082418 12079-12244 5082418 5082420 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082420 12079-12389 12079-12390 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082420 12079-12389 12079-12390 5082420 5082398 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082398 2472-10378 2472-10379 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082398 2472-10378 2472-10379 5082398 5082406 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082406 2472-10483 2472-10543 Maybe Security Update 2.0.50727.8982 & 3.0.30729.8976 https://support.microsoft.com/help/5082406 2472-10483 2472-10543 5082406 5082421 https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5082421 12079-20853 12079-20854 Maybe Security Update 2.0.50727.9181 & 3.0.30729.9165 & 4.8.9332.0 https://support.microsoft.com/help/5082421 12079-20853 12079-20854 5082421 Anonymous 1.1 2026-04-15T07:00:00 <p>Executive Summary updated</p> 1.0 2026-04-14T07:00:00 <p>Information published.</p>