Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 08 Jun 2026 11:34:58 +0000 4c321acc-33b8-4548-9960-4aaa6c44a880 https://vulnerability.circl.lu/sighting/4c321acc-33b8-4548-9960-4aaa6c44a880/export {"uuid": "4c321acc-33b8-4548-9960-4aaa6c44a880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32175", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"} {"uuid": "4c321acc-33b8-4548-9960-4aaa6c44a880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32175", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"} https://vulnerability.circl.lu/sighting/4c321acc-33b8-4548-9960-4aaa6c44a880/export Wed, 13 May 2026 01:08:48 +0000 0c41a1f8-5fd3-482f-9fcd-f75601636c0f https://vulnerability.circl.lu/sighting/0c41a1f8-5fd3-482f-9fcd-f75601636c0f/export {"uuid": "0c41a1f8-5fd3-482f-9fcd-f75601636c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32177", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"} {"uuid": "0c41a1f8-5fd3-482f-9fcd-f75601636c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32177", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"} https://vulnerability.circl.lu/sighting/0c41a1f8-5fd3-482f-9fcd-f75601636c0f/export Wed, 13 May 2026 01:08:48 +0000 3de4263d-7450-4b48-9823-2774fb467b0e https://vulnerability.circl.lu/sighting/3de4263d-7450-4b48-9823-2774fb467b0e/export {"uuid": "3de4263d-7450-4b48-9823-2774fb467b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32170", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"} {"uuid": "3de4263d-7450-4b48-9823-2774fb467b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32170", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"} https://vulnerability.circl.lu/sighting/3de4263d-7450-4b48-9823-2774fb467b0e/export Wed, 13 May 2026 01:08:48 +0000 9d5cbf1a-d4a2-4c1b-b1d1-7c3790bff4cb https://vulnerability.circl.lu/sighting/9d5cbf1a-d4a2-4c1b-b1d1-7c3790bff4cb/export {"uuid": "9d5cbf1a-d4a2-4c1b-b1d1-7c3790bff4cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32177", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mlqjcyf55r2a", "content": "\ud83d\udd17 CVE : CVE-2026-32177, CVE-2026-42899, CVE-2026-32177, CVE-2026-42899", "creation_timestamp": "2026-05-13T14:30:33.414763Z"} {"uuid": "9d5cbf1a-d4a2-4c1b-b1d1-7c3790bff4cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32177", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mlqjcyf55r2a", "content": "\ud83d\udd17 CVE : CVE-2026-32177, CVE-2026-42899, CVE-2026-32177, CVE-2026-42899", "creation_timestamp": "2026-05-13T14:30:33.414763Z"} https://vulnerability.circl.lu/sighting/9d5cbf1a-d4a2-4c1b-b1d1-7c3790bff4cb/export Wed, 13 May 2026 14:30:33 +0000 ca34932b-8395-4108-bbdf-e1ddcaa265c2 https://vulnerability.circl.lu/sighting/ca34932b-8395-4108-bbdf-e1ddcaa265c2/export {"uuid": "ca34932b-8395-4108-bbdf-e1ddcaa265c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32177", "type": "seen", "source": "https://gist.github.com/alon710/20feb3751f65ab167c104ebcd62a67d5", "content": "# CVE-2026-32177: CVE-2026-32177: Heap-Based Buffer Overflow in .NET Core and Visual Studio\n\n> **CVSS Score:** 7.3\n> **Published:** 2026-05-12\n> **Full Report:** https://cvereports.com/reports/CVE-2026-32177\n\n## Summary\nCVE-2026-32177 is a high-severity heap-based buffer overflow affecting multiple versions of Microsoft .NET and Visual Studio. Triggered by insufficient input validation during file processing, the vulnerability permits local privilege escalation when a user opens a specially crafted file.\n\n## TL;DR\nA heap-based buffer overflow in the .NET runtime allows local privilege escalation when users open maliciously crafted files in vulnerable host applications like Visual Studio.\n\n## Technical Details\n\n- **CWE ID**: CWE-122\n- **Attack Vector**: Local (AV:L)\n- **CVSS v3.1 Score**: 7.3 (High)\n- **EPSS Probability**: 0.10%\n- **Primary Impact**: Local Elevation of Privilege\n- **Exploit Status**: Unexploited / No PoC\n- **CISA KEV**: Not Listed\n\n## Affected Systems\n\n- .NET 10.0\n- .NET 9.0\n- .NET 8.0\n- Microsoft .NET Framework 3.5\n- Microsoft .NET Framework 4.7.2\n- Microsoft .NET Framework 4.8\n- Microsoft .NET Framework 4.8.1\n- Microsoft Visual Studio 2022\n- Microsoft Visual Studio 2026\n- **.NET 10.0**: 10.0.0 to 10.0.7 (Fixed in: `10.0.8`)\n- **.NET 9.0**: 9.0.0 to 9.0.15 (Fixed in: `9.0.16`)\n- **.NET 8.0**: 8.0.0 to 8.0.26 (Fixed in: `8.0.27`)\n- **Microsoft .NET Framework 3.5, 4.7.2, 4.8, 4.8.1**: All prior to patch (Fixed in: `4.8.9334.0 / 4.8.4802.0`)\n- **Microsoft Visual Studio 2022**: 17.12.0 to 17.12.19, 17.14.0 to 17.14.30 (Fixed in: `17.12.20 / 17.14.31`)\n- **Microsoft Visual Studio 2026**: 18.5.0 to 18.5.2 (Fixed in: `18.5.3`)\n\n## Mitigation\n\n- Apply Microsoft May 2026 Patch Tuesday security updates across all affected .NET environments.\n- Enforce the principle of least privilege to prevent users from running development tools or applications with administrative rights.\n- Implement file screening and security controls to block suspicious or untrusted files.\n\n**Remediation Steps:**\n1. Inventory all systems running .NET 8.0, 9.0, 10.0, and .NET Framework.\n2. Identify installations of Visual Studio 2022 and 2026.\n3. Deploy the specific fixed versions listed in the MSRC advisory (e.g., .NET 10.0.8, VS 2026 18.5.3).\n4. Verify the patch installation by checking assembly file versions.\n\n## References\n\n- [MSRC Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-32177)\n- [NVD Record](https://nvd.nist.gov/vuln/detail/CVE-2026-32177)\n- [ZDI May 2026 Review](https://www.zerodayinitiative.com/blog/2026/5/12/the-may-2026-security-update-review)\n- [OffSeq Threat Radar](https://radar.offseq.com/threat/cve-2026-32177-cwe-122-heap-based-buffer-overflow--a6e5dc9f)\n- [Rapid7 Analysis](https://www.rapid7.com/blog/post/em-patch-tuesday-may-2026/)\n- [Sophos Blog](https://www.sophos.com/en-us/blog/may-patch-tuesday-hauls-out-132-cves)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-32177) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-19T08:40:50.000000Z"} {"uuid": "ca34932b-8395-4108-bbdf-e1ddcaa265c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32177", "type": "seen", "source": "https://gist.github.com/alon710/20feb3751f65ab167c104ebcd62a67d5", "content": "# CVE-2026-32177: CVE-2026-32177: Heap-Based Buffer Overflow in .NET Core and Visual Studio\n\n> **CVSS Score:** 7.3\n> **Published:** 2026-05-12\n> **Full Report:** https://cvereports.com/reports/CVE-2026-32177\n\n## Summary\nCVE-2026-32177 is a high-severity heap-based buffer overflow affecting multiple versions of Microsoft .NET and Visual Studio. Triggered by insufficient input validation during file processing, the vulnerability permits local privilege escalation when a user opens a specially crafted file.\n\n## TL;DR\nA heap-based buffer overflow in the .NET runtime allows local privilege escalation when users open maliciously crafted files in vulnerable host applications like Visual Studio.\n\n## Technical Details\n\n- **CWE ID**: CWE-122\n- **Attack Vector**: Local (AV:L)\n- **CVSS v3.1 Score**: 7.3 (High)\n- **EPSS Probability**: 0.10%\n- **Primary Impact**: Local Elevation of Privilege\n- **Exploit Status**: Unexploited / No PoC\n- **CISA KEV**: Not Listed\n\n## Affected Systems\n\n- .NET 10.0\n- .NET 9.0\n- .NET 8.0\n- Microsoft .NET Framework 3.5\n- Microsoft .NET Framework 4.7.2\n- Microsoft .NET Framework 4.8\n- Microsoft .NET Framework 4.8.1\n- Microsoft Visual Studio 2022\n- Microsoft Visual Studio 2026\n- **.NET 10.0**: 10.0.0 to 10.0.7 (Fixed in: `10.0.8`)\n- **.NET 9.0**: 9.0.0 to 9.0.15 (Fixed in: `9.0.16`)\n- **.NET 8.0**: 8.0.0 to 8.0.26 (Fixed in: `8.0.27`)\n- **Microsoft .NET Framework 3.5, 4.7.2, 4.8, 4.8.1**: All prior to patch (Fixed in: `4.8.9334.0 / 4.8.4802.0`)\n- **Microsoft Visual Studio 2022**: 17.12.0 to 17.12.19, 17.14.0 to 17.14.30 (Fixed in: `17.12.20 / 17.14.31`)\n- **Microsoft Visual Studio 2026**: 18.5.0 to 18.5.2 (Fixed in: `18.5.3`)\n\n## Mitigation\n\n- Apply Microsoft May 2026 Patch Tuesday security updates across all affected .NET environments.\n- Enforce the principle of least privilege to prevent users from running development tools or applications with administrative rights.\n- Implement file screening and security controls to block suspicious or untrusted files.\n\n**Remediation Steps:**\n1. Inventory all systems running .NET 8.0, 9.0, 10.0, and .NET Framework.\n2. Identify installations of Visual Studio 2022 and 2026.\n3. Deploy the specific fixed versions listed in the MSRC advisory (e.g., .NET 10.0.8, VS 2026 18.5.3).\n4. Verify the patch installation by checking assembly file versions.\n\n## References\n\n- [MSRC Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-32177)\n- [NVD Record](https://nvd.nist.gov/vuln/detail/CVE-2026-32177)\n- [ZDI May 2026 Review](https://www.zerodayinitiative.com/blog/2026/5/12/the-may-2026-security-update-review)\n- [OffSeq Threat Radar](https://radar.offseq.com/threat/cve-2026-32177-cwe-122-heap-based-buffer-overflow--a6e5dc9f)\n- [Rapid7 Analysis](https://www.rapid7.com/blog/post/em-patch-tuesday-may-2026/)\n- [Sophos Blog](https://www.sophos.com/en-us/blog/may-patch-tuesday-hauls-out-132-cves)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-32177) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-19T08:40:50.000000Z"} https://vulnerability.circl.lu/sighting/ca34932b-8395-4108-bbdf-e1ddcaa265c2/export Tue, 19 May 2026 08:40:50 +0000 d0ba6592-131e-40d9-b83a-942de007e73a https://vulnerability.circl.lu/sighting/d0ba6592-131e-40d9-b83a-942de007e73a/export {"uuid": "d0ba6592-131e-40d9-b83a-942de007e73a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32175", "type": "seen", "source": "https://gist.github.com/alon710/261ffaf79cb2412380434d62f37902b8", "content": "# CVE-2026-32175: CVE-2026-32175: Absolute Path Traversal and Arbitrary File Write in .NET Core Archive Extraction\n\n> **CVSS Score:** 7.5\n> **Published:** 2026-05-12\n> **Full Report:** https://cvereports.com/reports/CVE-2026-32175\n\n## Summary\nCVE-2026-32175 is a high-severity tampering vulnerability affecting .NET Core versions 8.0, 9.0, and 10.0 on Windows platforms. The vulnerability stems from an Absolute Path Traversal (CWE-36) flaw in the extraction mechanisms handling NuGet packages and application bundles. An unauthenticated remote attacker can exploit this weakness by providing a specially crafted archive file. The extraction logic fails to sanitize archive entry names containing absolute paths, leading to arbitrary file writes on the host system. Successful exploitation allows the attacker to compromise application integrity by overwriting critical system files or planting malicious executables.\n\n## TL;DR\nA path traversal vulnerability in .NET Core's archive extraction logic allows unauthenticated attackers to write arbitrary files to the filesystem by crafting malicious NuGet packages or application bundles.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-36\n- **Attack Vector**: Network\n- **CVSS Score**: 7.5 (High)\n- **Impact**: High Integrity (Arbitrary File Write)\n- **Exploit Status**: Proof of Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Windows x86\n- Windows x64\n- Windows ARM\n- Windows ARM64\n- CI/CD Environments executing vulnerable .NET SDKs\n- **.NET 10.0**: 10.0.0 to 10.0.7 (Fixed in: `10.0.8`)\n- **.NET 9.0**: 9.0.0 to 9.0.15 (Fixed in: `9.0.16`)\n- **.NET 8.0**: 8.0.0 to 8.0.26 (Fixed in: `8.0.27`)\n- **Visual Studio 2026 (v18.5)**: < 18.5.3 (Fixed in: `18.5.3`)\n- **Visual Studio 2022 (v17.14)**: < 17.14.31 (Fixed in: `17.14.31`)\n\n## Mitigation\n\n- Update .NET SDK and Runtimes to the latest available servicing releases.\n- Update all instances of Visual Studio to integrate the patched SDK versions.\n- Implement strict package source mapping to restrict dependency resolution to trusted registries.\n- Recompile and redeploy all existing self-contained applications built with affected .NET versions.\n\n**Remediation Steps:**\n1. Identify all systems running .NET 8.0, 9.0, or 10.0 using inventory management tools.\n2. Execute `dotnet --info` on hosts to determine the current active runtime versions.\n3. Deploy .NET versions 10.0.8, 9.0.16, or 8.0.27 to the affected systems.\n4. Trigger rebuild pipelines for self-contained applications ensuring the CI/CD runners possess the updated SDK.\n5. Validate the patch deployment by re-running the version verification commands.\n\n## References\n\n- [Microsoft Security Response Center Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32175)\n- [.NET GitHub Announcements](https://github.com/dotnet/announcements/issues/396)\n- [GitHub Security Advisory (GHSA)](https://github.com/dotnet/runtime/security/advisories/GHSA-rg75-q538-x34v)\n- [OSV Entry for GHSA-rg75-q538-x34v](https://osv.dev/vulnerability/GHSA-rg75-q538-x34v)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-32175) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-20T11:20:50.000000Z"} {"uuid": "d0ba6592-131e-40d9-b83a-942de007e73a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32175", "type": "seen", "source": "https://gist.github.com/alon710/261ffaf79cb2412380434d62f37902b8", "content": "# CVE-2026-32175: CVE-2026-32175: Absolute Path Traversal and Arbitrary File Write in .NET Core Archive Extraction\n\n> **CVSS Score:** 7.5\n> **Published:** 2026-05-12\n> **Full Report:** https://cvereports.com/reports/CVE-2026-32175\n\n## Summary\nCVE-2026-32175 is a high-severity tampering vulnerability affecting .NET Core versions 8.0, 9.0, and 10.0 on Windows platforms. The vulnerability stems from an Absolute Path Traversal (CWE-36) flaw in the extraction mechanisms handling NuGet packages and application bundles. An unauthenticated remote attacker can exploit this weakness by providing a specially crafted archive file. The extraction logic fails to sanitize archive entry names containing absolute paths, leading to arbitrary file writes on the host system. Successful exploitation allows the attacker to compromise application integrity by overwriting critical system files or planting malicious executables.\n\n## TL;DR\nA path traversal vulnerability in .NET Core's archive extraction logic allows unauthenticated attackers to write arbitrary files to the filesystem by crafting malicious NuGet packages or application bundles.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-36\n- **Attack Vector**: Network\n- **CVSS Score**: 7.5 (High)\n- **Impact**: High Integrity (Arbitrary File Write)\n- **Exploit Status**: Proof of Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Windows x86\n- Windows x64\n- Windows ARM\n- Windows ARM64\n- CI/CD Environments executing vulnerable .NET SDKs\n- **.NET 10.0**: 10.0.0 to 10.0.7 (Fixed in: `10.0.8`)\n- **.NET 9.0**: 9.0.0 to 9.0.15 (Fixed in: `9.0.16`)\n- **.NET 8.0**: 8.0.0 to 8.0.26 (Fixed in: `8.0.27`)\n- **Visual Studio 2026 (v18.5)**: < 18.5.3 (Fixed in: `18.5.3`)\n- **Visual Studio 2022 (v17.14)**: < 17.14.31 (Fixed in: `17.14.31`)\n\n## Mitigation\n\n- Update .NET SDK and Runtimes to the latest available servicing releases.\n- Update all instances of Visual Studio to integrate the patched SDK versions.\n- Implement strict package source mapping to restrict dependency resolution to trusted registries.\n- Recompile and redeploy all existing self-contained applications built with affected .NET versions.\n\n**Remediation Steps:**\n1. Identify all systems running .NET 8.0, 9.0, or 10.0 using inventory management tools.\n2. Execute `dotnet --info` on hosts to determine the current active runtime versions.\n3. Deploy .NET versions 10.0.8, 9.0.16, or 8.0.27 to the affected systems.\n4. Trigger rebuild pipelines for self-contained applications ensuring the CI/CD runners possess the updated SDK.\n5. Validate the patch deployment by re-running the version verification commands.\n\n## References\n\n- [Microsoft Security Response Center Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32175)\n- [.NET GitHub Announcements](https://github.com/dotnet/announcements/issues/396)\n- [GitHub Security Advisory (GHSA)](https://github.com/dotnet/runtime/security/advisories/GHSA-rg75-q538-x34v)\n- [OSV Entry for GHSA-rg75-q538-x34v](https://osv.dev/vulnerability/GHSA-rg75-q538-x34v)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-32175) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-20T11:20:50.000000Z"} https://vulnerability.circl.lu/sighting/d0ba6592-131e-40d9-b83a-942de007e73a/export Wed, 20 May 2026 11:20:50 +0000 8f9e2008-ecfe-4d37-a837-a6312cac61ff https://vulnerability.circl.lu/sighting/8f9e2008-ecfe-4d37-a837-a6312cac61ff/export {"uuid": "8f9e2008-ecfe-4d37-a837-a6312cac61ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32176", "type": "seen", "source": "https://bsky.app/profile/aws-news.com/post/3mmf62zugzl2n", "content": "Amazon RDS Custom for SQL Server now supports the latest GDR security updates for SQL Server 2019 and 2022, addressing critical vulnerabilities CVE-2026-32167 and CVE-2026-32176.", "creation_timestamp": "2026-05-21T19:35:00.323696Z"} {"uuid": "8f9e2008-ecfe-4d37-a837-a6312cac61ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32176", "type": "seen", "source": "https://bsky.app/profile/aws-news.com/post/3mmf62zugzl2n", "content": "Amazon RDS Custom for SQL Server now supports the latest GDR security updates for SQL Server 2019 and 2022, addressing critical vulnerabilities CVE-2026-32167 and CVE-2026-32176.", "creation_timestamp": "2026-05-21T19:35:00.323696Z"} https://vulnerability.circl.lu/sighting/8f9e2008-ecfe-4d37-a837-a6312cac61ff/export Thu, 21 May 2026 19:35:00 +0000 7bb4a347-01fc-4093-8166-e2561c0d5e42 https://vulnerability.circl.lu/sighting/7bb4a347-01fc-4093-8166-e2561c0d5e42/export {"uuid": "7bb4a347-01fc-4093-8166-e2561c0d5e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32176", "type": "seen", "source": "https://bsky.app/profile/awsrecentnews.bsky.social/post/3mmfa2hi22d2b", "content": "\ud83c\udd95 Amazon RDS Custom now supports GDR updates for Microsoft SQL Server 2019 and 2022, addressing vulnerabilities CVE-2026-32167 and CVE-2026-32176. Upgrade via AWS Management Console, SDK, or CLI. See Amazon RDS Custom User Guide for details.\n\n#AWS #AmazonRdsForSqlServer", "creation_timestamp": "2026-05-21T20:10:28.482791Z"} {"uuid": "7bb4a347-01fc-4093-8166-e2561c0d5e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32176", "type": "seen", "source": "https://bsky.app/profile/awsrecentnews.bsky.social/post/3mmfa2hi22d2b", "content": "\ud83c\udd95 Amazon RDS Custom now supports GDR updates for Microsoft SQL Server 2019 and 2022, addressing vulnerabilities CVE-2026-32167 and CVE-2026-32176. Upgrade via AWS Management Console, SDK, or CLI. See Amazon RDS Custom User Guide for details.\n\n#AWS #AmazonRdsForSqlServer", "creation_timestamp": "2026-05-21T20:10:28.482791Z"} https://vulnerability.circl.lu/sighting/7bb4a347-01fc-4093-8166-e2561c0d5e42/export Thu, 21 May 2026 20:10:28 +0000 c73ebc74-a645-4fe6-ba83-33366ac598e9 https://vulnerability.circl.lu/sighting/c73ebc74-a645-4fe6-ba83-33366ac598e9/export {"uuid": "c73ebc74-a645-4fe6-ba83-33366ac598e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32171", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mn5hzpfirm2i", "content": "\ud83d\udccc CVE-2026-32171 - Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network. https://www.cyberhub.blog/cves/CVE-2026-32171", "creation_timestamp": "2026-05-31T11:37:06.625336Z"} {"uuid": "c73ebc74-a645-4fe6-ba83-33366ac598e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32171", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mn5hzpfirm2i", "content": "\ud83d\udccc CVE-2026-32171 - Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network. https://www.cyberhub.blog/cves/CVE-2026-32171", "creation_timestamp": "2026-05-31T11:37:06.625336Z"} https://vulnerability.circl.lu/sighting/c73ebc74-a645-4fe6-ba83-33366ac598e9/export Sun, 31 May 2026 11:37:06 +0000 eacc5005-6895-4414-89ad-89266739fb2f https://vulnerability.circl.lu/sighting/eacc5005-6895-4414-89ad-89266739fb2f/export {"uuid": "eacc5005-6895-4414-89ad-89266739fb2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32170", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141", "content": "Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoeren van willekeurige code (root/admin-rechten)\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n\nDe ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.\n\n**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**\n\nHet verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.\n\n**Update:** Inmiddels wordt door diverse partijen actief misbruik gemeld van CVE-2026-41089, de kwetsbaarheid in NETLOGON.\n\n```\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Application Identity (AppID) Subsystem: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nUndisclosed: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows DNS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Native WiFi Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nTelnet Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Storage Spaces Controller: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Filtering Platform (WFP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Volume Manager Extension Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit Control: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Event Logging Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Internet Key Exchange (IKE) Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35424 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Netlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Storport Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34350 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel | \n| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40405 | 7.50 | Denial-of-Service | \n| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-40414 | 7.40 | Denial-of-Service | \n| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40401 | 6.20 | Denial-of-Service | \n| CVE-2026-40413 | 7.40 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34339 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Link-Layer Discovery Protocol (LLDP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n```", "creation_timestamp": "2026-06-02T09:33:41.000000Z"} {"uuid": "eacc5005-6895-4414-89ad-89266739fb2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32170", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141", "content": "Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoeren van willekeurige code (root/admin-rechten)\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n\nDe ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.\n\n**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**\n\nHet verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.\n\n**Update:** Inmiddels wordt door diverse partijen actief misbruik gemeld van CVE-2026-41089, de kwetsbaarheid in NETLOGON.\n\n```\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Application Identity (AppID) Subsystem: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nUndisclosed: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows DNS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Native WiFi Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nTelnet Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Storage Spaces Controller: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Filtering Platform (WFP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Volume Manager Extension Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit Control: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Event Logging Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Internet Key Exchange (IKE) Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35424 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Netlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Storport Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34350 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel | \n| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40405 | 7.50 | Denial-of-Service | \n| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-40414 | 7.40 | Denial-of-Service | \n| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40401 | 6.20 | Denial-of-Service | \n| CVE-2026-40413 | 7.40 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34339 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Link-Layer Discovery Protocol (LLDP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n```", "creation_timestamp": "2026-06-02T09:33:41.000000Z"} https://vulnerability.circl.lu/sighting/eacc5005-6895-4414-89ad-89266739fb2f/export Tue, 02 Jun 2026 09:33:41 +0000