Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33835 (GCVE-0-2026-33835)
Vulnerability from cvelistv5 – Published: 2026-05-12 16:59 – Updated: 2026-05-13 17:58
VLAI?
EPSS
Title
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Summary
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
Impacted products
14 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.8755
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19044.0 , < 10.0.19044.7291
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.7291
(custom)
|
|
| Microsoft | Windows 11 version 22H3 |
Affected:
10.0.22631.0 , < 10.0.22631.7079
(custom)
|
|
| Microsoft | Windows 11 Version 23H2 |
Affected:
10.0.22631.0 , < 10.0.22631.7079
(custom)
|
|
| Microsoft | Windows 11 Version 24H2 |
Affected:
10.0.26100.0 , < 10.0.26100.8457
(custom)
|
|
| Microsoft | Windows 11 Version 25H2 |
Affected:
10.0.26200.0 , < 10.0.26200.8457
(custom)
|
|
| Microsoft | Windows 11 version 26H1 |
Affected:
10.0.28000.0 , < 10.0.28000.2113
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.8755
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.8755
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.5139
(custom)
|
|
| Microsoft | Windows Server 2022, 23H2 Edition (Server Core installation) |
Affected:
10.0.25398.0 , < 10.0.25398.2330
(custom)
|
|
| Microsoft | Windows Server 2025 |
Affected:
10.0.26100.0 , < 10.0.26100.32860
(custom)
|
|
| Microsoft | Windows Server 2025 (Server Core installation) |
Affected:
10.0.26100.0 , < 10.0.26100.32860
(custom)
|
Date Public ?
2026-05-12 14:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33835",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T03:57:06.365111Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T10:06:43.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8755",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.7291",
"status": "affected",
"version": "10.0.19044.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.7291",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.7079",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.7079",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.8457",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 25H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26200.8457",
"status": "affected",
"version": "10.0.26200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 26H1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.28000.2113",
"status": "affected",
"version": "10.0.28000.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8755",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8755",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.5139",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.2330",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.32860",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.32860",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.8755",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.5139",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.8755",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.8755",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.7291",
"versionStartIncluding": "10.0.19044.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.7291",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.32860",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26200.8457",
"versionStartIncluding": "10.0.26200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.7079",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.8457",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.2330",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.7079",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.32860",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.28000.2113",
"versionStartIncluding": "10.0.28000.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-05-12T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:58:59.721Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835"
}
],
"title": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-33835",
"datePublished": "2026-05-12T16:59:09.217Z",
"dateReserved": "2026-03-24T00:52:01.353Z",
"dateUpdated": "2026-05-13T17:58:59.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33835",
"date": "2026-05-13",
"epss": "0.00059",
"percentile": "0.18407"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33835\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2026-05-12T18:17:05.477\",\"lastModified\":\"2026-05-13T15:34:52.573\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835\",\"source\":\"secure@microsoft.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33835\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-13T03:57:06.365111Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-13T09:59:38.944Z\"}}], \"cna\": {\"title\": \"Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.8755\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19044.0\", \"lessThan\": \"10.0.19044.7291\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.7291\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.7079\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.7079\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 24H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.8457\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 25H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26200.0\", \"lessThan\": \"10.0.26200.8457\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 26H1\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.28000.0\", \"lessThan\": \"10.0.28000.2113\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.8755\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.8755\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.5139\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.2330\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.32860\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.32860\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2026-05-12T14:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835\", \"name\": \"Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416: Use After Free\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.8755\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.20348.5139\", \"versionStartIncluding\": \"10.0.20348.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.8755\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.8755\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19044.7291\", \"versionStartIncluding\": \"10.0.19044.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19045.7291\", \"versionStartIncluding\": \"10.0.19045.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.32860\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26200.8457\", \"versionStartIncluding\": \"10.0.26200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.7079\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.8457\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.25398.2330\", \"versionStartIncluding\": \"10.0.25398.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.7079\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.32860\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.28000.2113\", \"versionStartIncluding\": \"10.0.28000.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2026-05-13T17:58:59.721Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33835\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-13T17:58:59.721Z\", \"dateReserved\": \"2026-03-24T00:52:01.353Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2026-05-12T16:59:09.217Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-W4V7-8HGJ-37J2
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-12 18:30
VLAI?
Details
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2026-33835"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T18:17:05Z",
"severity": "HIGH"
},
"details": "Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-w4v7-8hgj-37j2",
"modified": "2026-05-12T18:30:42Z",
"published": "2026-05-12T18:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33835"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2026-33835
Vulnerability from csaf_microsoft - Published: 2026-05-12 07:00 - Updated: 2026-05-12 07:00Summary
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Severity
Important
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.
CWE-416
- Use After Free
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows 10 Version 1809 for 32-bit Systems 10.0.17763.8755
Windows 10 Version 1809 for 32-bit Systems
|
10.0.17763.8755 | ||
|
Windows 10 Version 1809 for x64-based Systems 10.0.17763.8755
Windows 10 Version 1809 for x64-based Systems
|
10.0.17763.8755 | ||
|
Windows Server 2019 10.0.17763.8755
Windows Server 2019
|
10.0.17763.8755 | ||
|
Windows Server 2019 (Server Core installation) 10.0.17763.8755
Windows Server 2019 (Server Core installation)
|
10.0.17763.8755 | ||
|
Windows Server 2022 10.0.20348.5139
Windows Server 2022
|
10.0.20348.5139 | ||
|
Windows Server 2022 (Server Core installation) 10.0.20348.5139
Windows Server 2022 (Server Core installation)
|
10.0.20348.5139 | ||
|
Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.7291
Windows 10 Version 21H2 for 32-bit Systems
|
10.0.19044.7291 | ||
|
Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.7291
Windows 10 Version 21H2 for ARM64-based Systems
|
10.0.19044.7291 | ||
|
Windows 10 Version 21H2 for x64-based Systems 10.0.19044.7291
Windows 10 Version 21H2 for x64-based Systems
|
10.0.19044.7291 | ||
|
Windows 10 Version 22H2 for x64-based Systems 10.0.19045.7291
Windows 10 Version 22H2 for x64-based Systems
|
10.0.19045.7291 | ||
|
Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.7291
Windows 10 Version 22H2 for ARM64-based Systems
|
10.0.19045.7291 | ||
|
Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.7291
Windows 10 Version 22H2 for 32-bit Systems
|
10.0.19045.7291 | ||
|
Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.7079
Windows 11 Version 23H2 for ARM64-based Systems
|
10.0.22631.7079 | ||
|
Windows 11 Version 23H2 for x64-based Systems 10.0.22631.7079
Windows 11 Version 23H2 for x64-based Systems
|
10.0.22631.7079 | ||
|
Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.2330
Windows Server 2022, 23H2 Edition (Server Core installation)
|
10.0.25398.2330 | ||
|
Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.8457
Windows 11 Version 24H2 for ARM64-based Systems
|
10.0.26100.8457 | ||
|
Windows 11 Version 24H2 for x64-based Systems 10.0.26100.8457
Windows 11 Version 24H2 for x64-based Systems
|
10.0.26100.8457 | ||
|
Windows Server 2025 10.0.26100.32860
Windows Server 2025
|
10.0.26100.32860 | ||
|
Windows Server 2025 (Server Core installation) 10.0.26100.32860
Windows Server 2025 (Server Core installation)
|
10.0.26100.32860 | ||
|
Windows 11 Version 25H2 for ARM64-based Systems 10.0.26200.8457
Windows 11 Version 25H2 for ARM64-based Systems
|
10.0.26200.8457 | ||
|
Windows 11 Version 25H2 for x64-based Systems 10.0.26200.8457
Windows 11 Version 25H2 for x64-based Systems
|
10.0.26200.8457 | ||
|
Windows 11 version 26H1 for x64-based Systems 10.0.28000.2113
Windows 11 version 26H1 for x64-based Systems
|
10.0.28000.2113 | ||
|
Windows 11 Version 26H1 for ARM64-based Systems 10.0.28000.2113
Windows 11 Version 26H1 for ARM64-based Systems
|
10.0.28000.2113 |
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows 11 Version 26H1 for ARM64-based Systems <10.0.28000.2113
Windows 11 Version 26H1 for ARM64-based Systems
|
<10.0.28000.2113 |
Vendor Fix
fix
|
|
|
Windows 11 version 26H1 for x64-based Systems <10.0.28000.2113
Windows 11 version 26H1 for x64-based Systems
|
<10.0.28000.2113 |
Vendor Fix
fix
|
|
|
Windows 11 Version 25H2 for x64-based Systems <10.0.26200.8457
Windows 11 Version 25H2 for x64-based Systems
|
<10.0.26200.8457 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows 11 Version 25H2 for ARM64-based Systems <10.0.26200.8457
Windows 11 Version 25H2 for ARM64-based Systems
|
<10.0.26200.8457 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2025 (Server Core installation) <10.0.26100.32860
Windows Server 2025 (Server Core installation)
|
<10.0.26100.32860 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2025 <10.0.26100.32860
Windows Server 2025
|
<10.0.26100.32860 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows 11 Version 24H2 for x64-based Systems <10.0.26100.8457
Windows 11 Version 24H2 for x64-based Systems
|
<10.0.26100.8457 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows 11 Version 24H2 for ARM64-based Systems <10.0.26100.8457
Windows 11 Version 24H2 for ARM64-based Systems
|
<10.0.26100.8457 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2022, 23H2 Edition (Server Core installation) <10.0.25398.2330
Windows Server 2022, 23H2 Edition (Server Core installation)
|
<10.0.25398.2330 |
Vendor Fix
fix
|
|
|
Windows 11 Version 23H2 for x64-based Systems <10.0.22631.7079
Windows 11 Version 23H2 for x64-based Systems
|
<10.0.22631.7079 |
Vendor Fix
fix
|
|
|
Windows 11 Version 23H2 for ARM64-based Systems <10.0.22631.7079
Windows 11 Version 23H2 for ARM64-based Systems
|
<10.0.22631.7079 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for 32-bit Systems <10.0.19045.7291
Windows 10 Version 22H2 for 32-bit Systems
|
<10.0.19045.7291 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for ARM64-based Systems <10.0.19045.7291
Windows 10 Version 22H2 for ARM64-based Systems
|
<10.0.19045.7291 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for x64-based Systems <10.0.19045.7291
Windows 10 Version 22H2 for x64-based Systems
|
<10.0.19045.7291 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for x64-based Systems <10.0.19044.7291
Windows 10 Version 21H2 for x64-based Systems
|
<10.0.19044.7291 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for ARM64-based Systems <10.0.19044.7291
Windows 10 Version 21H2 for ARM64-based Systems
|
<10.0.19044.7291 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for 32-bit Systems <10.0.19044.7291
Windows 10 Version 21H2 for 32-bit Systems
|
<10.0.19044.7291 |
Vendor Fix
fix
|
|
|
Windows Server 2022 (Server Core installation) <10.0.20348.5139
Windows Server 2022 (Server Core installation)
|
<10.0.20348.5139 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2022 <10.0.20348.5139
Windows Server 2022
|
<10.0.20348.5139 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2019 (Server Core installation) <10.0.17763.8755
Windows Server 2019 (Server Core installation)
|
<10.0.17763.8755 |
Vendor Fix
fix
|
|
|
Windows Server 2019 <10.0.17763.8755
Windows Server 2019
|
<10.0.17763.8755 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for x64-based Systems <10.0.17763.8755
Windows 10 Version 1809 for x64-based Systems
|
<10.0.17763.8755 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for 32-bit Systems <10.0.17763.8755
Windows 10 Version 1809 for 32-bit Systems
|
<10.0.17763.8755 |
Vendor Fix
fix
|
Threats
Impact
Elevation of Privilege
Exploit Status
Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
References
7 references
Acknowledgments
<a href="https://x.com/_dez">Joe Desimone</a> with Elastic Security
{
"document": {
"acknowledgments": [
{
"names": [
"\u003ca href=\"https://x.com/_dez\"\u003eJoe Desimone\u003c/a\u003e with Elastic Security"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33835 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835"
},
{
"category": "self",
"summary": "CVE-2026-33835 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-33835.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability",
"tracking": {
"current_release_date": "2026-05-12T07:00:00.000Z",
"generator": {
"date": "2026-05-12T17:08:13.569Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-33835",
"initial_release_date": "2026-05-12T07:00:00.000Z",
"revision_history": [
{
"date": "2026-05-12T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8755",
"product": {
"name": "Windows Server 2019 \u003c10.0.17763.8755",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "10.0.17763.8755",
"product": {
"name": "Windows Server 2019 10.0.17763.8755",
"product_id": "11571"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.5139",
"product": {
"name": "Windows Server 2022 \u003c10.0.20348.5139",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "10.0.20348.5139",
"product": {
"name": "Windows Server 2022 10.0.20348.5139",
"product_id": "11923"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8755",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems \u003c10.0.17763.8755",
"product_id": "23"
}
},
{
"category": "product_version",
"name": "10.0.17763.8755",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems 10.0.17763.8755",
"product_id": "11568"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8755",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems \u003c10.0.17763.8755",
"product_id": "22"
}
},
{
"category": "product_version",
"name": "10.0.17763.8755",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems 10.0.17763.8755",
"product_id": "11569"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.5139",
"product": {
"name": "Windows Server 2022 (Server Core installation) \u003c10.0.20348.5139",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "10.0.20348.5139",
"product": {
"name": "Windows Server 2022 (Server Core installation) 10.0.20348.5139",
"product_id": "11924"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8755",
"product": {
"name": "Windows Server 2019 (Server Core installation) \u003c10.0.17763.8755",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "10.0.17763.8755",
"product": {
"name": "Windows Server 2019 (Server Core installation) 10.0.17763.8755",
"product_id": "11572"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.7291",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems \u003c10.0.19044.7291",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "10.0.19044.7291",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.7291",
"product_id": "11930"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.7291",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems \u003c10.0.19044.7291",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "10.0.19044.7291",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.7291",
"product_id": "11929"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.7291",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems \u003c10.0.19044.7291",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "10.0.19044.7291",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems 10.0.19044.7291",
"product_id": "11931"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.7291",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems \u003c10.0.19045.7291",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "10.0.19045.7291",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems 10.0.19045.7291",
"product_id": "12097"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.7291",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems \u003c10.0.19045.7291",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "10.0.19045.7291",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.7291",
"product_id": "12098"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.7291",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems \u003c10.0.19045.7291",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "10.0.19045.7291",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.7291",
"product_id": "12099"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.32860",
"product": {
"name": "Windows Server 2025 (Server Core installation) \u003c10.0.26100.32860",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "10.0.26100.32860",
"product": {
"name": "Windows Server 2025 (Server Core installation) 10.0.26100.32860",
"product_id": "12437"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26200.8457",
"product": {
"name": "Windows 11 Version 25H2 for ARM64-based Systems \u003c10.0.26200.8457",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "10.0.26200.8457",
"product": {
"name": "Windows 11 Version 25H2 for ARM64-based Systems 10.0.26200.8457",
"product_id": "20437"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.7079",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems \u003c10.0.22631.7079",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "10.0.22631.7079",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.7079",
"product_id": "12242"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26200.8457",
"product": {
"name": "Windows 11 Version 25H2 for x64-based Systems \u003c10.0.26200.8457",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "10.0.26200.8457",
"product": {
"name": "Windows 11 Version 25H2 for x64-based Systems 10.0.26200.8457",
"product_id": "20438"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.8457",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems \u003c10.0.26100.8457",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "10.0.26100.8457",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.8457",
"product_id": "12389"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.25398.2330",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.2330",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "10.0.25398.2330",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.2330",
"product_id": "12244"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.8457",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems \u003c10.0.26100.8457",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "10.0.26100.8457",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems 10.0.26100.8457",
"product_id": "12390"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.7079",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems \u003c10.0.22631.7079",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "10.0.22631.7079",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems 10.0.22631.7079",
"product_id": "12243"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.32860",
"product": {
"name": "Windows Server 2025 \u003c10.0.26100.32860",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "10.0.26100.32860",
"product": {
"name": "Windows Server 2025 10.0.26100.32860",
"product_id": "12436"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.28000.2113",
"product": {
"name": "Windows 11 version 26H1 for x64-based Systems \u003c10.0.28000.2113",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "10.0.28000.2113",
"product": {
"name": "Windows 11 version 26H1 for x64-based Systems 10.0.28000.2113",
"product_id": "20853"
}
}
],
"category": "product_name",
"name": "Windows 11 version 26H1 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.28000.2113",
"product": {
"name": "Windows 11 Version 26H1 for ARM64-based Systems \u003c10.0.28000.2113",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "10.0.28000.2113",
"product": {
"name": "Windows 11 Version 26H1 for ARM64-based Systems 10.0.28000.2113",
"product_id": "20854"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 26H1 for ARM64-based Systems"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33835",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.",
"title": "What privileges could be gained by an attacker who successfully exploited this vulnerability?"
}
],
"product_status": {
"fixed": [
"11568",
"11569",
"11571",
"11572",
"11923",
"11924",
"11929",
"11930",
"11931",
"12097",
"12098",
"12099",
"12242",
"12243",
"12244",
"12389",
"12390",
"12436",
"12437",
"20437",
"20438",
"20853",
"20854"
],
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33835 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835"
},
{
"category": "self",
"summary": "CVE-2026-33835 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-33835.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.17763.8755:Security Update:https://support.microsoft.com/help/5087538",
"product_ids": [
"21",
"23",
"22",
"20"
],
"url": "https://support.microsoft.com/help/5087538"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.20348.5139:Security Update:https://support.microsoft.com/help/5087545",
"product_ids": [
"19",
"18"
],
"url": "https://support.microsoft.com/help/5087545"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.20348.5074:Security Hotpatch Update:https://support.microsoft.com/help/5087424",
"product_ids": [
"19",
"18"
],
"url": "https://support.microsoft.com/help/5087424"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.19044.7291:Security Update:https://support.microsoft.com/help/5087544",
"product_ids": [
"16",
"17",
"15"
],
"url": "https://support.microsoft.com/help/5087544"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.19045.7291:Security Update:https://support.microsoft.com/help/5087544",
"product_ids": [
"14",
"13",
"12"
],
"url": "https://support.microsoft.com/help/5087544"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.26100.32860:Security Update:https://support.microsoft.com/help/5087539",
"product_ids": [
"5",
"6"
],
"url": "https://support.microsoft.com/help/5087539"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.26100.32772:Security Hotpatch Update:https://support.microsoft.com/help/5087423",
"product_ids": [
"5",
"6"
],
"url": "https://support.microsoft.com/help/5087423"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.26200.8457:Security Update:https://support.microsoft.com/help/5089549",
"product_ids": [
"4",
"3"
],
"url": "https://support.microsoft.com/help/5089549"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.26200.8390:Security Hotpatch Update:https://support.microsoft.com/help/5089466",
"product_ids": [
"4",
"3"
],
"url": "https://support.microsoft.com/help/5089466"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.22631.7079:Security Update:https://support.microsoft.com/help/5087420",
"product_ids": [
"11",
"10"
],
"url": "https://support.microsoft.com/help/5087420"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.26100.8457:Security Update:https://support.microsoft.com/help/5089549",
"product_ids": [
"8",
"7"
],
"url": "https://support.microsoft.com/help/5089549"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.26100.8390:Security Hotpatch Update:https://support.microsoft.com/help/5089466",
"product_ids": [
"8",
"7"
],
"url": "https://support.microsoft.com/help/5089466"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.25398.2330:Security Update:https://support.microsoft.com/help/5087541",
"product_ids": [
"9"
],
"url": "https://support.microsoft.com/help/5087541"
},
{
"category": "vendor_fix",
"date": "2026-05-12T07:00:00.000Z",
"details": "10.0.28000.2113:Security Update:https://support.microsoft.com/help/5089548",
"product_ids": [
"2",
"1"
],
"url": "https://support.microsoft.com/help/5089548"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23"
]
}
],
"threats": [
{
"category": "impact",
"details": "Elevation of Privilege"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely"
}
],
"title": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability"
}
]
}
FKIE_CVE-2026-33835
Vulnerability from fkie_nvd - Published: 2026-05-12 18:17 - Updated: 2026-05-13 15:34
Severity ?
Summary
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally."
}
],
"id": "CVE-2026-33835",
"lastModified": "2026-05-13T15:34:52.573",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Primary"
}
]
},
"published": "2026-05-12T18:17:05.477",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secure@microsoft.com",
"type": "Primary"
}
]
}
NCSC-2026-0141
Vulnerability from csaf_ncscnl - Published: 2026-05-12 17:52 - Updated: 2026-05-12 17:52Summary
Kwetsbaarheden verholpen in Microsoft Windows
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Microsoft heeft kwetsbaarheden verholpen in Windows.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Uitvoeren van willekeurige code (root/admin-rechten)
- Uitvoeren van willekeurige code (gebruikersrechten)
- Verkrijgen van verhoogde rechten
- Omzeilen van een beveiligingsmaatregel
- Toegang tot gevoelige gegevens
De ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.
**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**
Het verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.
```
Windows Projected File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Application Identity (AppID) Subsystem:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Undisclosed:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Windows DNS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Secure Boot:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Native WiFi Miniport Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Kernel-Mode Drivers:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Telnet Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Print Spooler Components:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SMB Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Storage Spaces Controller:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Filtering Platform (WFP):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Volume Manager Extension Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Cryptographic Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Win32K - GRFX:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Admin Center:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Rich Text Edit Control:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Event Logging Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Internet Key Exchange (IKE) Protocol:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35424 | 7.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Netlogon:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Storport Miniport Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34350 | 6.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Common Log File System Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cloud Files Mini Filter Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Win32K - ICOMP:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows GDI:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Rich Text Edit:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows TCP/IP:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel |
| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-40405 | 7.50 | Denial-of-Service |
| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens |
| CVE-2026-40414 | 7.40 | Denial-of-Service |
| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code |
| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-40401 | 6.20 | Denial-of-Service |
| CVE-2026-40413 | 7.40 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows LDAP - Lightweight Directory Access Protocol:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34339 | 5.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Telephony Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Message Queuing:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Link-Layer Discovery Protocol (LLDP):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
```
Oplossingen: Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Kans: medium
Schade: high
CWE-73: External Control of File Name or Path
CWE-121: Stack-based Buffer Overflow
CWE-122: Heap-based Buffer Overflow
CWE-125: Out-of-bounds Read
CWE-126: Buffer Over-read
CWE-190: Integer Overflow or Wraparound
CWE-191: Integer Underflow (Wrap or Wraparound)
CWE-197: Numeric Truncation Error
CWE-284: Improper Access Control
CWE-288: Authentication Bypass Using an Alternate Path or Channel
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-401: Missing Release of Memory after Effective Lifetime
CWE-415: Double Free
CWE-416: Use After Free
CWE-476: NULL Pointer Dereference
CWE-822: Untrusted Pointer Dereference
CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CWE-862: Missing Authorization
CWE-1329: Reliance on Component That is Not Updateable
A race condition in Windows Print Spooler Components caused by improper synchronization enables an authorized local attacker to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Application Identity (AppID) Subsystem allows an authorized local attacker to elevate privileges.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A type confusion vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.
CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges due to improper synchronization of shared resources.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to elevate privileges.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in Windows TCP/IP due to improper synchronization of shared resources allows authorized local attackers to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer overflow vulnerability in the Windows Storage Spaces Controller allows an authorized local attacker to elevate privileges on affected systems.
CWE-190 - Integer Overflow or WraparoundAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A type confusion vulnerability in Windows Win32K - ICOMP allows an authorized local attacker to elevate privileges by accessing resources with incompatible types.
CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized local attacker to elevate privileges on affected systems.
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race ConditionAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Graphics Device Interface (GDI) enables unauthorized local attackers to execute arbitrary code.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An authentication bypass vulnerability in Windows TCP/IP allows an authorized attacker to circumvent security features by exploiting an alternate path or channel over a network.
CWE-288 - Authentication Bypass Using an Alternate Path or ChannelAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Telnet Client allows unauthorized attackers to disclose sensitive information over a network, posing a significant security risk.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A memory release flaw after the effective lifetime in the Windows Internet Key Exchange (IKE) Protocol allows unauthorized attackers to cause network denial of service.
CWE-401 - Missing Release of Memory after Effective LifetimeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Windows Cryptographic Services enables an authorized local attacker to elevate privileges by exploiting memory corruption.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Volume Manager Extension Driver enables an authorized attacker with physical access to execute arbitrary code.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A stack-based buffer overflow vulnerability in Windows TCP/IP allows an authorized local attacker to elevate privileges.
CWE-121 - Stack-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows TCP/IP stack allows unauthorized attackers to disclose sensitive information over a network.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Common Log File System Driver enables an authorized local attacker to elevate privileges.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Windows Kernel-Mode Drivers allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use after free vulnerability in the Windows SMB Client allows an authorized attacker to locally elevate privileges by exploiting improper memory handling.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows TCP/IP stack allows unauthorized remote attackers to execute arbitrary code over a network.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition vulnerability in the Windows Native WiFi Miniport Driver enables unauthorized code execution from an adjacent network, posing a significant security risk.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A double free vulnerability in the Windows Rich Text Edit Control allows an authorized local attacker to elevate privileges on affected systems.
CWE-415 - Double FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Telephony Service allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Windows TCP/IP allows an authorized local attacker to elevate privileges by exploiting memory corruption.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A double free vulnerability in Windows Message Queuing allows an authorized local attacker to elevate privileges by exploiting improper memory management.
CWE-415 - Double FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in Windows TCP/IP due to improper synchronization of shared resources allows authorized local attackers to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A buffer over-read vulnerability in the Windows DWM Core Library allows an authorized local attacker to disclose sensitive information.
CWE-126 - Buffer Over-readAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized local attacker to elevate privileges on affected systems.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Telephony Service allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in Windows LDAP allows an authorized attacker to cause a local denial of service, impacting system availability.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Projected File System allows an authorized local attacker to elevate privileges by exploiting improper memory handling.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A double free vulnerability in the Windows Link-Layer Discovery Protocol (LLDP) allows an authorized local attacker to elevate privileges on affected systems.
CWE-415 - Double FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Telephony Service allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer underflow vulnerability in the Windows Common Log File System Driver allows an authorized local attacker to elevate privileges on affected systems.
CWE-191 - Integer Underflow (Wrap or Wraparound)Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper access control vulnerability in the Windows Filtering Platform (WFP) allows an authorized local attacker to bypass a security feature.
Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Windows Remote Desktop enables an authorized local attacker to elevate privileges by exploiting memory corruption.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to execute arbitrary code.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A non-updateable component in Windows Secure Boot allows a local authorized attacker to bypass a critical security feature, compromising the integrity of the boot process.
CWE-1329 - Reliance on Component That is Not UpdateableAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in Windows TCP/IP allows an unauthorized attacker on an adjacent network to cause a denial of service condition.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in Windows TCP/IP stack allows an unauthorized local attacker to cause a denial of service by crashing the system.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in Windows TCP/IP allows an unauthorized attacker on an adjacent network to cause a denial of service condition.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Kernel enables an authorized local attacker to elevate privileges by exploiting memory corruption.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A stack-based buffer overflow vulnerability in Windows Netlogon enables unauthorized remote code execution over a network.
9.8 (Critical)
Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use after free vulnerability in Data Deduplication allows an authorized local attacker to elevate privileges by exploiting improper memory management.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Kernel enables an authorized local attacker to elevate privileges by exploiting memory corruption.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges by externally controlling file names or paths.
CWE-73 - External Control of File Name or PathAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Windows Hyper-V allows an unauthorized local attacker to elevate privileges within the affected system.
9.3 (Critical)
Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Win32K ICOMP component enables an authorized local attacker to elevate privileges.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in the Windows Storport Miniport Driver enables unauthorized attackers to cause a denial of service over a network.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Windows DWM Core Library allows an authorized local attacker to disclose sensitive information by reading memory beyond intended boundaries.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in Windows TCP/IP allows an unauthorized attacker to cause a denial of service over a network.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Microsoft Windows DNS allows unauthorized remote code execution over a network.
9.8 (Critical)
Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer overflow vulnerability in the Windows DWM Core Library allows an authorized local attacker to elevate privileges on affected systems.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Windows Kernel-Mode Drivers allows an authorized attacker to remotely execute code over a network, posing significant security risks.
CWE-416 - Use After FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An untrusted pointer dereference vulnerability in the Windows Kernel enables an authorized attacker to locally elevate privileges by exploiting improper pointer validation.
CWE-822 - Untrusted Pointer DereferenceAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A missing authorization vulnerability in Windows Admin Center enables an authorized attacker to elevate privileges remotely over a network.
CWE-862 - Missing AuthorizationAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A double free vulnerability in Windows Rich Text Edit allows an authorized local attacker to elevate privileges by exploiting improper memory management.
CWE-415 - Double FreeAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper access control vulnerability in the Windows Event Logging Service allows an authorized local attacker to elevate their privileges.
Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in the Windows Win32K GRFX component caused by improper synchronization of shared resources enables an authorized local attacker to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Windows Message Queuing enables unauthorized attackers to execute arbitrary code over an adjacent network.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer overflow or wraparound vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to elevate privileges.
CWE-190 - Integer Overflow or WraparoundAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in the Windows Win32K GRFX component caused by improper synchronization of shared resources allows an authorized local attacker to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to elevate privileges.
CWE-190 - Integer Overflow or WraparoundAffected products
Known affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Admin Center
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
References
66 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft kwetsbaarheden verholpen in Windows.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoeren van willekeurige code (root/admin-rechten)\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n\nDe ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.\n\n**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**\n\nHet verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.\n\n```\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Application Identity (AppID) Subsystem: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nUndisclosed: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows DNS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Native WiFi Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nTelnet Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Storage Spaces Controller: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Filtering Platform (WFP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Volume Manager Extension Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit Control: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Event Logging Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Internet Key Exchange (IKE) Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35424 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Netlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Storport Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34350 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel | \n| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40405 | 7.50 | Denial-of-Service | \n| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-40414 | 7.40 | Denial-of-Service | \n| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40401 | 6.20 | Denial-of-Service | \n| CVE-2026-40413 | 7.40 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34339 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Link-Layer Discovery Protocol (LLDP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n```",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Reliance on Component That is Not Updateable",
"title": "CWE-1329"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in Microsoft Windows",
"tracking": {
"current_release_date": "2026-05-12T17:52:42.410761Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0141",
"initial_release_date": "2026-05-12T17:52:42.410761Z",
"revision_history": [
{
"date": "2026-05-12T17:52:42.410761Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 26H1 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 26H1 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "Windows 11 version 26H1 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "Windows Admin Center"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-32"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-33"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34342",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in Windows Print Spooler Components caused by improper synchronization enables an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34342 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34342.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34342"
},
{
"cve": "CVE-2026-34343",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Application Identity (AppID) Subsystem allows an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34343 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34343.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34343"
},
{
"cve": "CVE-2026-34344",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "description",
"text": "A type confusion vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34344 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34344.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34344"
},
{
"cve": "CVE-2026-34345",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges due to improper synchronization of shared resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34345 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34345.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34345"
},
{
"cve": "CVE-2026-34347",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34347 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34347.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34347"
},
{
"cve": "CVE-2026-34351",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in Windows TCP/IP due to improper synchronization of shared resources allows authorized local attackers to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34351 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34351.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34351"
},
{
"cve": "CVE-2026-35415",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "An integer overflow vulnerability in the Windows Storage Spaces Controller allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35415 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35415"
},
{
"cve": "CVE-2026-35416",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35416 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35416.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35416"
},
{
"cve": "CVE-2026-35417",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "description",
"text": "A type confusion vulnerability in Windows Win32K - ICOMP allows an authorized local attacker to elevate privileges by accessing resources with incompatible types.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35417 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35417.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35417"
},
{
"cve": "CVE-2026-35418",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35418 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35418.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35418"
},
{
"cve": "CVE-2026-35421",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Graphics Device Interface (GDI) enables unauthorized local attackers to execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35421 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35421.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35421"
},
{
"cve": "CVE-2026-35422",
"cwe": {
"id": "CWE-288",
"name": "Authentication Bypass Using an Alternate Path or Channel"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass Using an Alternate Path or Channel",
"title": "CWE-288"
},
{
"category": "description",
"text": "An authentication bypass vulnerability in Windows TCP/IP allows an authorized attacker to circumvent security features by exploiting an alternate path or channel over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35422 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35422.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35422"
},
{
"cve": "CVE-2026-35423",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Telnet Client allows unauthorized attackers to disclose sensitive information over a network, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35423 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35423.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35423"
},
{
"cve": "CVE-2026-35424",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "description",
"text": "A memory release flaw after the effective lifetime in the Windows Internet Key Exchange (IKE) Protocol allows unauthorized attackers to cause network denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35424 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35424.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35424"
},
{
"cve": "CVE-2026-40377",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows Cryptographic Services enables an authorized local attacker to elevate privileges by exploiting memory corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40377 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40377.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40377"
},
{
"cve": "CVE-2026-40380",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Volume Manager Extension Driver enables an authorized attacker with physical access to execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40380 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40380.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40380"
},
{
"cve": "CVE-2026-40399",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability in Windows TCP/IP allows an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40399 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40399"
},
{
"cve": "CVE-2026-40406",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows TCP/IP stack allows unauthorized attackers to disclose sensitive information over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40406 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40406.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40406"
},
{
"cve": "CVE-2026-40407",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Common Log File System Driver enables an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40407 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40407.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40407"
},
{
"cve": "CVE-2026-40408",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Windows Kernel-Mode Drivers allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40408 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40408"
},
{
"cve": "CVE-2026-40410",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use after free vulnerability in the Windows SMB Client allows an authorized attacker to locally elevate privileges by exploiting improper memory handling.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40410 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40410"
},
{
"cve": "CVE-2026-40415",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows TCP/IP stack allows unauthorized remote attackers to execute arbitrary code over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40415 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40415"
},
{
"cve": "CVE-2026-32161",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition vulnerability in the Windows Native WiFi Miniport Driver enables unauthorized code execution from an adjacent network, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-32161 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32161.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-32161"
},
{
"cve": "CVE-2026-32170",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "A double free vulnerability in the Windows Rich Text Edit Control allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-32170 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32170.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-32170"
},
{
"cve": "CVE-2026-42825",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Telephony Service allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42825 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-42825.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-42825"
},
{
"cve": "CVE-2026-33835",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33835 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33835.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33835"
},
{
"cve": "CVE-2026-33837",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows TCP/IP allows an authorized local attacker to elevate privileges by exploiting memory corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33837 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33837.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33837"
},
{
"cve": "CVE-2026-33838",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "A double free vulnerability in Windows Message Queuing allows an authorized local attacker to elevate privileges by exploiting improper memory management.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33838 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33838.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33838"
},
{
"cve": "CVE-2026-34334",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in Windows TCP/IP due to improper synchronization of shared resources allows authorized local attackers to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34334 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34334.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34334"
},
{
"cve": "CVE-2026-34336",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "description",
"text": "A buffer over-read vulnerability in the Windows DWM Core Library allows an authorized local attacker to disclose sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34336 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34336.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34336"
},
{
"cve": "CVE-2026-34337",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Cloud Files Mini Filter Driver allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34337 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34337"
},
{
"cve": "CVE-2026-34338",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Telephony Service allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34338 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34338.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34338"
},
{
"cve": "CVE-2026-34339",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows LDAP allows an authorized attacker to cause a local denial of service, impacting system availability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34339 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34339.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34339"
},
{
"cve": "CVE-2026-34340",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Projected File System allows an authorized local attacker to elevate privileges by exploiting improper memory handling.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34340 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34340.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34340"
},
{
"cve": "CVE-2026-34341",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "A double free vulnerability in the Windows Link-Layer Discovery Protocol (LLDP) allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34341 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34341.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34341"
},
{
"cve": "CVE-2026-40382",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Telephony Service allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40382 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40382.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40382"
},
{
"cve": "CVE-2026-40397",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "description",
"text": "An integer underflow vulnerability in the Windows Common Log File System Driver allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40397 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40397.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40397"
},
{
"cve": "CVE-2026-32209",
"notes": [
{
"category": "description",
"text": "An improper access control vulnerability in the Windows Filtering Platform (WFP) allows an authorized local attacker to bypass a security feature.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-32209 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-32209.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-32209"
},
{
"cve": "CVE-2026-40398",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows Remote Desktop enables an authorized local attacker to elevate privileges by exploiting memory corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40398 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40398.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40398"
},
{
"cve": "CVE-2026-40403",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to execute arbitrary code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40403 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40403.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40403"
},
{
"cve": "CVE-2026-41097",
"cwe": {
"id": "CWE-1329",
"name": "Reliance on Component That is Not Updateable"
},
"notes": [
{
"category": "other",
"text": "Reliance on Component That is Not Updateable",
"title": "CWE-1329"
},
{
"category": "description",
"text": "A non-updateable component in Windows Secure Boot allows a local authorized attacker to bypass a critical security feature, compromising the integrity of the boot process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-41097 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41097.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-41097"
},
{
"cve": "CVE-2026-40414",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows TCP/IP allows an unauthorized attacker on an adjacent network to cause a denial of service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40414 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40414.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40414"
},
{
"cve": "CVE-2026-40401",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows TCP/IP stack allows an unauthorized local attacker to cause a denial of service by crashing the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40401 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40401.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40401"
},
{
"cve": "CVE-2026-40413",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows TCP/IP allows an unauthorized attacker on an adjacent network to cause a denial of service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40413 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40413.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40413"
},
{
"cve": "CVE-2026-35420",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Kernel enables an authorized local attacker to elevate privileges by exploiting memory corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35420 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35420.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35420"
},
{
"cve": "CVE-2026-41089",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability in Windows Netlogon enables unauthorized remote code execution over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-41089 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41089.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-41089"
},
{
"cve": "CVE-2026-41095",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use after free vulnerability in Data Deduplication allows an authorized local attacker to elevate privileges by exploiting improper memory management.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-41095 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41095.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-41095"
},
{
"cve": "CVE-2026-33841",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Kernel enables an authorized local attacker to elevate privileges by exploiting memory corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33841 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33841.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33841"
},
{
"cve": "CVE-2026-41088",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "description",
"text": "A vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges by externally controlling file names or paths.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-41088 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41088.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-41088"
},
{
"cve": "CVE-2026-40402",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Windows Hyper-V allows an unauthorized local attacker to elevate privileges within the affected system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40402 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40402.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40402"
},
{
"cve": "CVE-2026-33840",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Win32K ICOMP component enables an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33840 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33840.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33840"
},
{
"cve": "CVE-2026-34350",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in the Windows Storport Miniport Driver enables unauthorized attackers to cause a denial of service over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34350 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34350.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34350"
},
{
"cve": "CVE-2026-35419",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Windows DWM Core Library allows an authorized local attacker to disclose sensitive information by reading memory beyond intended boundaries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35419 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35419.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35419"
},
{
"cve": "CVE-2026-40405",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows TCP/IP allows an unauthorized attacker to cause a denial of service over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40405 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40405.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40405"
},
{
"cve": "CVE-2026-41096",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Microsoft Windows DNS allows unauthorized remote code execution over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-41096 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-41096.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-41096"
},
{
"cve": "CVE-2026-42896",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "An integer overflow vulnerability in the Windows DWM Core Library allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-42896 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-42896.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-42896"
},
{
"cve": "CVE-2026-34332",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Windows Kernel-Mode Drivers allows an authorized attacker to remotely execute code over a network, posing significant security risks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34332 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34332.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34332"
},
{
"cve": "CVE-2026-40369",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "An untrusted pointer dereference vulnerability in the Windows Kernel enables an authorized attacker to locally elevate privileges by exploiting improper pointer validation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-40369 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-40369.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-40369"
},
{
"cve": "CVE-2026-35438",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "description",
"text": "A missing authorization vulnerability in Windows Admin Center enables an authorized attacker to elevate privileges remotely over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-35438 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-35438.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-35438"
},
{
"cve": "CVE-2026-21530",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "A double free vulnerability in Windows Rich Text Edit allows an authorized local attacker to elevate privileges by exploiting improper memory management.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21530 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21530.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-21530"
},
{
"cve": "CVE-2026-33834",
"notes": [
{
"category": "description",
"text": "An improper access control vulnerability in the Windows Event Logging Service allows an authorized local attacker to elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33834 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33834.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33834"
},
{
"cve": "CVE-2026-33839",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in the Windows Win32K GRFX component caused by improper synchronization of shared resources enables an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33839 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33839.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-33839"
},
{
"cve": "CVE-2026-34329",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows Message Queuing enables unauthorized attackers to execute arbitrary code over an adjacent network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34329 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34329.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34329"
},
{
"cve": "CVE-2026-34330",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "An integer overflow or wraparound vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34330 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34330.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34330"
},
{
"cve": "CVE-2026-34331",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in the Windows Win32K GRFX component caused by improper synchronization of shared resources allows an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34331 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34331.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34331"
},
{
"cve": "CVE-2026-34333",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Win32K GRFX component allows an authorized local attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34333 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34333.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33"
]
}
],
"title": "CVE-2026-34333"
}
]
}
CERTFR-2026-AVI-0585
Vulnerability from certfr_avis - Published: 2026-05-13 - Updated: 2026-05-13
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 6.3.9600.23181 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.7291 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.7291 | ||
| Microsoft | N/A | Windows Admin Center in Azure Portal versions antérieures à 2.6.7 | ||
| Microsoft | N/A | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.8390 | ||
| Microsoft | N/A | Windows Admin Center versions antérieures à 2.6.5.16 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.7079 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.9140 | ||
| Microsoft | N/A | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.8755 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.7291 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.7291 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.9140 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.7291 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.7291 | ||
| Microsoft | N/A | Windows 11 Version 26H1 pour systèmes x64 versions antérieures à 10.0.28000.2113 | ||
| Microsoft | N/A | Windows Server 2016 versions antérieures à 10.0.14393.9140 | ||
| Microsoft | N/A | Windows Server 2019 versions antérieures à 10.0.17763.8755 | ||
| Microsoft | N/A | Windows 11 Version 25H2 pour systèmes ARM64 versions antérieures à 10.0.26200.8457 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.7079 | ||
| Microsoft | N/A | Windows 11 Version 26H1 pour systèmes ARM64 versions antérieures à 10.0.28000.2113 | ||
| Microsoft | N/A | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.5139 | ||
| Microsoft | N/A | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.2330 | ||
| Microsoft | N/A | Windows Server 2022 versions antérieures à 10.0.20348.5139 | ||
| Microsoft | N/A | Windows Server 2025 versions antérieures à 10.0.26100.32860 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.8755 | ||
| Microsoft | N/A | Windows 11 Version 25H2 pour systèmes x64 versions antérieures à 10.0.26200.8457 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.8755 | ||
| Microsoft | N/A | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.8390 | ||
| Microsoft | N/A | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.32860 | ||
| Microsoft | N/A | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.9140 | ||
| Microsoft | N/A | Windows Server 2012 versions antérieures à 6.2.9200.26079 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.23181 | ||
| Microsoft | N/A | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.26079 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.23181",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.7291",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.7291",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Admin Center in Azure Portal versions ant\u00e9rieures \u00e0 2.6.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.8390",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Admin Center versions ant\u00e9rieures \u00e0 2.6.5.16",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.7079",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.9140",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.8755",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.7291",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.7291",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.9140",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.7291",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.7291",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 26H1 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.28000.2113",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.9140",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.8755",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26200.8457",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.7079",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 26H1 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.28000.2113",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.5139",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.2330",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.5139",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.32860",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.8755",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26200.8457",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.8755",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.8390",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.32860",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.9140",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.26079",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.23181",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.26079",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-34342",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34342"
},
{
"name": "CVE-2026-32209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32209"
},
{
"name": "CVE-2026-40397",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40397"
},
{
"name": "CVE-2026-35419",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35419"
},
{
"name": "CVE-2026-41089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41089"
},
{
"name": "CVE-2026-40401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40401"
},
{
"name": "CVE-2026-35438",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35438"
},
{
"name": "CVE-2026-40377",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40377"
},
{
"name": "CVE-2026-40380",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40380"
},
{
"name": "CVE-2026-40402",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40402"
},
{
"name": "CVE-2026-34345",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34345"
},
{
"name": "CVE-2026-33837",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33837"
},
{
"name": "CVE-2026-32175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32175"
},
{
"name": "CVE-2026-40405",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40405"
},
{
"name": "CVE-2026-34338",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34338"
},
{
"name": "CVE-2026-34331",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34331"
},
{
"name": "CVE-2026-34343",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34343"
},
{
"name": "CVE-2026-40369",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40369"
},
{
"name": "CVE-2026-35420",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35420"
},
{
"name": "CVE-2026-34337",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34337"
},
{
"name": "CVE-2026-35433",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35433"
},
{
"name": "CVE-2026-32170",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32170"
},
{
"name": "CVE-2026-34341",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34341"
},
{
"name": "CVE-2026-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34351"
},
{
"name": "CVE-2026-34340",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34340"
},
{
"name": "CVE-2026-34344",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34344"
},
{
"name": "CVE-2026-35424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35424"
},
{
"name": "CVE-2026-34329",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34329"
},
{
"name": "CVE-2026-40382",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40382"
},
{
"name": "CVE-2026-40408",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40408"
},
{
"name": "CVE-2026-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42896"
},
{
"name": "CVE-2026-35422",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35422"
},
{
"name": "CVE-2026-40415",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40415"
},
{
"name": "CVE-2026-35418",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35418"
},
{
"name": "CVE-2026-35423",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35423"
},
{
"name": "CVE-2026-42899",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42899"
},
{
"name": "CVE-2026-41097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41097"
},
{
"name": "CVE-2026-35417",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35417"
},
{
"name": "CVE-2026-41086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41086"
},
{
"name": "CVE-2026-34330",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34330"
},
{
"name": "CVE-2026-32177",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32177"
},
{
"name": "CVE-2026-40407",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40407"
},
{
"name": "CVE-2026-32161",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32161"
},
{
"name": "CVE-2026-34334",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34334"
},
{
"name": "CVE-2026-33834",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33834"
},
{
"name": "CVE-2026-34332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34332"
},
{
"name": "CVE-2026-40413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40413"
},
{
"name": "CVE-2026-41096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41096"
},
{
"name": "CVE-2025-54518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54518"
},
{
"name": "CVE-2026-34333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34333"
},
{
"name": "CVE-2026-21530",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21530"
},
{
"name": "CVE-2026-33838",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33838"
},
{
"name": "CVE-2026-34347",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34347"
},
{
"name": "CVE-2026-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34339"
},
{
"name": "CVE-2026-42825",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42825"
},
{
"name": "CVE-2026-40398",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40398"
},
{
"name": "CVE-2026-35415",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35415"
},
{
"name": "CVE-2026-33840",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33840"
},
{
"name": "CVE-2026-41088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41088"
},
{
"name": "CVE-2026-40410",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40410"
},
{
"name": "CVE-2026-35421",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35421"
},
{
"name": "CVE-2026-40406",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40406"
},
{
"name": "CVE-2026-33841",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33841"
},
{
"name": "CVE-2026-33835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33835"
},
{
"name": "CVE-2026-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40403"
},
{
"name": "CVE-2026-40399",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40399"
},
{
"name": "CVE-2026-34350",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34350"
},
{
"name": "CVE-2026-40414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40414"
},
{
"name": "CVE-2026-41095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41095"
},
{
"name": "CVE-2026-33839",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33839"
},
{
"name": "CVE-2026-35416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35416"
},
{
"name": "CVE-2026-34336",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34336"
}
],
"initial_release_date": "2026-05-13T00:00:00",
"last_revision_date": "2026-05-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0585",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40407",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40407"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35418",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35418"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34345",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34345"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-32209",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32209"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35422",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35422"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34330",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34330"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-32170",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32170"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34350",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34350"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40401",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40401"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35415",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35415"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40415",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40415"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40397",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40397"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34333",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34333"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40406",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40406"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34339",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34339"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34334",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34334"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41088",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41088"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35419",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35419"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34332",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34332"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34351",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34351"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34329",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34329"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42896",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42896"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2025-54518",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54518"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40398",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40398"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35438",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35438"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35421",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35421"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33834",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33834"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35416",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35416"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41086",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41086"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40382",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40382"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40410",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40410"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35433",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35433"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34338",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34338"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34342",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34342"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-32177",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32177"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35420",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35420"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33838",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33838"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41089",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33840",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33840"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40408",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40408"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35423",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35423"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-32161",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32161"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34343",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34343"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40402",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40402"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34336",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34336"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35424",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35424"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40405",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40405"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42899",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42899"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40377",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40377"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33835",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33835"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40399",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40399"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34337",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34337"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40380",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40380"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-35417",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-35417"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34340",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34340"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40414",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40414"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33839",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33839"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41095",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41095"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41097",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41097"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34331",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34331"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-32175",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32175"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33841",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33841"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40369",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40369"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40403",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40403"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-41096",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34347",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34347"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-40413",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40413"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-42825",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42825"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-33837",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33837"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34341",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34341"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-34344",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34344"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-21530",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21530"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…